[f-nsp] NetIron MLX Experience..
Gerald Krause
gk at ax.tc
Thu Aug 10 16:31:24 EDT 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thursday 10 August 2006 21:06, Richard A Steenbergen wrote:
> On Thu, Aug 10, 2006 at 10:21:58AM +0200, Gerald Krause wrote:
> > And how does the MLX/XMR series handle packets that have *no* valid L3
> > destination without a default route - can the box do this in HW? Will
> > this still eat lots of CAM in a (d)DOS?
>
> telnet at mlx1(config)#ip hw?
> hw-drop-on-def-route Set Hardware-drop on IP default route to NULL0
Ok, not bad... if it works as expected. Will the system generate ICMP's? If
so, there is some kind of ICMP rate-limit hopefully. To bad that I haven't a
test system on my side, I would like to suss out this gear a little bit
more ;-).
> So far I'm giving my thumbs up to the job Foundry has done fixing up the
> really well known design issues that have historically distinguished real
> routers from "enterprise grade L3 switches which someone decided to market
> as a core router to people gullible enough to buy into it".
Full ack on this. The MLX series (and similar) seems to be the first
generation of Foundry routers which could be called 'internet ready' without
crossing your fingers behind the back.
- --
Gerald
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFE25egdemQaDIefeoRAqseAKCjdiugimPuTb9CXuQGIuuMU0JUCQCdGQiu
8BW9CVY7gKqs+/04sqklaEw=
=S1gv
-----END PGP SIGNATURE-----
More information about the foundry-nsp
mailing list