[j-nsp] ASR1002 Comparitive
Dobbins, Roland
rdobbins at arbor.net
Wed Nov 18 03:10:23 EST 2009
On Nov 18, 2009, at 2:58 PM, Florian Weimer wrote:
> Not really, forwarding 200 to 300 Mbps of attack traffic (or more) is
> not a problem anymore.
My experience differs, and has for quite some time. It's really the pps and flows which are the killer.
> That's like saying that the day of links with less than 10 Gbps of capacity are over, from an availability perspective.
Straw-man, you know better than that, heh.
> And if your router fails to forward an outbound DoS attack, that's
> actually a good thing, isn't it?
Actually, the preferred outcome is that you can block it on the router with S/RTBH or an ACL or whatever, and the router stays up forwarding the non-attack traffic.
;>
-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
Injustice is relatively easy to bear; what stings is justice.
-- H.L. Mencken
More information about the juniper-nsp
mailing list