[c-nsp] Hardening LPTS
Saku Ytti
saku at ytti.fi
Fri Jun 4 10:39:22 EDT 2021
On Fri, 4 Jun 2021 at 17:19, Mark Smith <markrefresh12 at gmail.com> wrote:
> Thanks for comments. This is very valuable info. What are your thoughts about:
> flow udp default rate 0
> flow tcp default rate 0
>
> Are they safe to use? Cisco did not recommend them but I dont understand why. And they failed to explain. Maybe because they dont understand themselves either
As LPTS is never going to be particularly safe for attackers but
mostly will work for accidental congestion I would personally not
change anything, until you have realised risk, at least then I will
have some confidence that the change improves availability.
--
++ytti
More information about the cisco-nsp
mailing list