[c-nsp] Sup2T interface ACL limitations
Dobbins, Roland
rdobbins at arbor.net
Sat Dec 21 23:09:27 EST 2013
On Dec 22, 2013, at 7:52 AM, Łukasz Bromirski <lukasz at bromirski.net> wrote:
> ACLs are good for basic sanity checks and segmenting the traffic for ports (L4+). BGP scales way better for L3 than them and it’s faster
> and way easier to dynamically update the entries.
Concur 100%.
ACLs are a network access policy enforcement tool.
S/RTBH is a DDoS reaction/mitigation tool.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
Luck is the residue of opportunity and design.
-- John Milton
More information about the cisco-nsp
mailing list