[c-nsp] Shapping NTP traffic on 6500/7600
Dobbins, Roland
rdobbins at arbor.net
Wed Feb 26 19:48:41 EST 2014
On Feb 27, 2014, at 6:41 AM, Thomas St-Pierre <tstpierre at iweb.com> wrote:
> Normal traffic shouldn’t be affected,
It will be crowded out during an attack.
I don't know if you've the ability to match on packet size or not in hardware for QoS - if so, UDP/123 packets which *aren't* 76 bytes in length is a good classifier, as it leaves timesync ntp traffic alone and squelches everything else.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
Luck is the residue of opportunity and design.
-- John Milton
More information about the cisco-nsp
mailing list