Vyatta as a BRAS

• Previous message (by thread): Vyatta as a BRAS
• Next message (by thread): Vyatta as a BRAS
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Routing.

We can route that. If it were targeting the box itself it would depend if the attack were getting through. 

Certainly iptables can't handle something like that but pf does well with high PPS rates. If it were all 'DROP' traffic then likely higher. If it were hitting the box directly and getting past the firewall, yes it would be substantially lower.

We were talking about routing though.
------Original Message------
From: Dobbins, Roland
To: NANOG list
Subject: Re: Vyatta as a BRAS
Sent: Jul 13, 2010 12:56 PM


On Jul 14, 2010, at 12:39 AM, <khatfield at socllc.net> <khatfield at socllc.net> wrote:

> I haven't done real world testing with Vyatta but we consistently pass 750KPPS+ without the slightest hiccup on our FreeBSD routing systems.

750kpps packeting the box itself?

Also, note that kpps is a small amount of traffic, compared to what even very small botnets can dish out.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

    Injustice is relatively easy to bear; what stings is justice.

                        -- H.L. Mencken

• Previous message (by thread): Vyatta as a BRAS
• Next message (by thread): Vyatta as a BRAS
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]