[c-nsp] Prioritize PING traffic to control plane

Lukas Tribus luky-37 at hotmail.com
Sun Aug 10 08:10:55 EDT 2014


> The cure for this is customer education, not making the router more
> vulnerable to DDoS attacks, either deliberate or unintentional ones.
> 
> ;>

Agreed, but the CPU scheduler should still not allow what in QoS designs
we call "default queue starvation".


A bulk priority task like a massive BGP update which takes tens of seconds
to complete is not expected to be realtime anyway, so it should not stall
small low/default priority tasks.

We are doing this in QoS, and we are doing this in PC/server OS'es, so
why don't we do it in our Router OS?

Perhaps intelligent reservation and queuing of resources is not what our
vendors are voluntarily pushing, because "just buy bigger boxes" is such
a good answer for them, even though its not a solution at all.



Regards,

Lukas 		 	   		  


More information about the cisco-nsp mailing list