[c-nsp] Shapping NTP traffic on 6500/7600

Dobbins, Roland rdobbins at arbor.net
Wed Feb 26 19:48:41 EST 2014

On Feb 27, 2014, at 6:41 AM, Thomas St-Pierre <tstpierre at iweb.com> wrote:

>  Normal traffic shouldn’t be affected,

It will be crowded out during an attack.

I don't know if you've the ability to match on packet size or not in hardware for QoS - if so, UDP/123 packets which *aren't* 76 bytes in length is a good classifier, as it leaves timesync ntp traffic alone and squelches everything else.

Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

	  Luck is the residue of opportunity and design.

		       -- John Milton

More information about the cisco-nsp mailing list