[c-nsp] Equipment for a large-ish LAN event
Lukas Tribus
luky-37 at hotmail.com
Wed Dec 9 17:31:51 EST 2015
> I was thinking for worst case, perhaps a sore loser after getting
> killed in the game decides to generate traffic with the intention
> of creating issues
That guy will generate traffic that looks like gaming traffic ...
> By priority queuing game traffic
... you will most likely have to police your PQ, therefor creating
an artificial bottleneck making the DoS even easier.
You would have to rate-limit gaming-traffic on each access-port,
but this is getting so complex, you would probably keep tuning
your QoS policies 12 hours into the event (can you really predict
game traffic *before the event takes place* and guarantee smooth
gaming in all conditions? I don't think so).
I would invest more time into a good netflow configuration
(and a baseball bat for the field engineer).
When talking about DoS, its very easy to makes things worse with
QoS and firewalls, thats what all I'm saying.
Regards,
Lukas
More information about the cisco-nsp
mailing list