Vyatta as a BRAS

Dan White dwhite at olp.net
Tue Jul 13 21:31:29 CDT 2010


On 14/07/10 02:18 +0000, Dobbins, Roland wrote:
>
>On Jul 14, 2010, at 3:26 AM, Tony Li wrote:
>
>> The whole point about being DoS resistant is one of horsepower.  To do
>> DoS protection correctly, you need to be able to do packet examination
>> at line rate.
>
>Right.  And to date, such routers make use of ASICs - i.e.,
>'hardware-based' routers, in the vernacular.  
>
>Routers which use only centralized, general-purpose processors can't
>handle even a fraction of 'line-rate' without tanking, as innumerable
>real-world examples of said behavior over the years have repeatedly and
>conclusively demonstrated.

I'm not really all that opinionated on the subject, other than to say that
the definition of a router, and what qualifies as a sufficient router for
any given administrator's needs, greatly varies.

However, to state something like

> as innumerable real-world examples of said behavior over the years have
> repeatedly and conclusively demonstrated.

has the appearance of you struggling to hold on to an idea that may have
been more true in the past, and less true today, as is evident based on the
input from other list participants.

-- 
Dan White




More information about the NANOG mailing list