[f-nsp] Jetcore prefix-based?

Sam Stickland sam_ml at spacething.org
Fri May 28 12:02:26 EDT 2004


Found this thread:
http://www.webhostingtalk.com/showthread.php?threadid=266371

With some interesting snippets:

"No, that's wrong, and if you'd taken the time to read the archetictural
notes they published when the JetCore modules were released, you would know
that. The JetCore modules use the same basic technology as the IronCore.
They still have the same 3 level IPv4 TCAM, however the JetCore CAM is twice
as large. Some of the TCAM table entries are now twice as large, though; the
layer 4 service load balancing flow entries, for example.

The reason JetCore is less vulnerable to random source / destination DDoS is
that, upon a TCAM lookup miss on the ingress module, the IronCore modules
forward the entire frame to the management module; and the management module
then updates the ingress module's TCAM. JetCore forwards only the first 64
bytes of the lookup miss packet to the management blade to do the same job.
I posted on this in great detail a couple months ago. Search my posts for
Foundry and you should find some good information."

Unfortunately searching the site doesn't seem to reveal the post he's
talking about.

Sam Stickland <sam_ml at spacething.org> wrote:
> Is the Jetcore chipset prefix-based? I've heard some reports that it's
> actually flow based but Foundry made modifications to the previous
> Ironcore chipset to make it preform like a prefix-based switch?
>
> How will a BigIron 15000 with a J-FxGMR4 preform under a DDOS attack?
>
> I'm also a bit confused as to the differences between the FastIron and
> BigIron. They both seem to be Jetcore based and have similar modules
> numbers and specs. What are the differences?
>
> Sam
>
> _______________________________________________
> foundry-nsp mailing list
> foundry-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/foundry-nsp




More information about the foundry-nsp mailing list