Blocking TCP flows?

Patrick Bailey pmbailey2 at yahoo.com
Thu Jun 13 23:02:23 UTC 2013


Procera Networks -- http://proceranetworks.com 

That will do what you want. 

Thanks,
---
Patrick Bailey

On Jun 13, 2013, at 3:32 PM, Eric Wustrow <ewust at umich.edu> wrote:

> Hi all,
> 
> I'm looking for a way to block individual TCP flows (5-tuple) on a 1-10 gbps
> link, with new blocked flows being dropped within a millisecond or so of
> being
> added. I've been looking into using OpenFlow on an HP Procurve, but I don't
> know much in this area, so I'm looking for better alternatives.
> 
> Ideally, such a device would add minimal latency (many/expandable CAM
> entries?), can handle many programatically added flows (hundreds per
> second),
> and would be deployable in a production network (fails in bypass mode). Are
> there any
> COTS devices I should be looking at? Or is the market for this all under
> the table to
> pro-censorship governments?
> 
> Thanks,
> 
> -Eric




More information about the NANOG mailing list