[j-nsp] anti DDoS in trio MX'es ?
bas
kilobit at gmail.com
Tue Aug 9 09:11:24 EDT 2011
Hi,
I was reading the release notes for 11.2, and I noticed a new feature:
"Protection against distributed denial of service (DDoS) attacks "
As I was interested I read the configuration guide. (tinyurl to the
pdf http://tinyurl.com/3ptp8tu)
But after reading it I do not really understand why it is called DDoS
protection.
It seems more like a large J customer which provides pppoe services
had issues with dhcp / pppoe storms, and asked Juniper to build
policers for them.
I don't see where this has any benefit over a properly configured re
input filter.
Anyone on this list understand how this feature can be used in any
sensible way against "real" internet DDoS attacks?
Kind regards,
Bas
More information about the juniper-nsp
mailing list