[c-nsp] DNS amplification
Phil Mayers
p.mayers at imperial.ac.uk
Mon Mar 18 07:01:34 EDT 2013
On 03/18/2013 02:25 AM, Dobbins, Roland wrote:
>
> On Mar 18, 2013, at 1:40 AM, Jon Lewis wrote:
>
>> Cisco SNMP counters count packets before they're dropped by
>> QoS...so all those dropped packets still "count" if you're billing
>> by the byte.
>
> Same for NetFlow, except on crippled pre-Sup2T/DFC4 6500s/7600s and
> pre-Sup7 4500s.
I'm not hugely sure what QoS has to do with BCP 38, but ACL- and
RPF-dropped flows have output interface of 0 on sup720, IME.
More information about the cisco-nsp
mailing list