[c-nsp] Prioritize PING traffic to control plane
Lukas Tribus
luky-37 at hotmail.com
Sun Aug 10 08:10:55 EDT 2014
> The cure for this is customer education, not making the router more
> vulnerable to DDoS attacks, either deliberate or unintentional ones.
>
> ;>
Agreed, but the CPU scheduler should still not allow what in QoS designs
we call "default queue starvation".
A bulk priority task like a massive BGP update which takes tens of seconds
to complete is not expected to be realtime anyway, so it should not stall
small low/default priority tasks.
We are doing this in QoS, and we are doing this in PC/server OS'es, so
why don't we do it in our Router OS?
Perhaps intelligent reservation and queuing of resources is not what our
vendors are voluntarily pushing, because "just buy bigger boxes" is such
a good answer for them, even though its not a solution at all.
Regards,
Lukas
More information about the cisco-nsp
mailing list