Smurf tone down

• Previous message (by thread): Smurf tone down
• Next message (by thread): Smurf tone down
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, 1 May 1999, Joe  Shaw wrote:

> After dealing with UUNet security regarding several smurf incidents I
> asked them this same question.  Their response (and I'm sure it would be
> the same response of others) was that a lot of the routers on their
> network couldn't handle the load of using CEF-CAR to limit smurf attacks.

"the load" ?

The point of CAR is that is happens in the CEF path, with no/negligible (1
to 2%) additional load. Are UUNet's routers running that close to the
edge? I'd doubt it.

> I'm not sure how true that statement was since I'm not familiar with any
> part of UUNet's backbone equipment other than what I used to get my DS3
> from at Insync and now with my MAE Houston connection, but from what I've
> heard the backbones of a lot of NSP's aren't all made up of Cisco 12000's
> or even 7500's, and I'd guess a fair amount of the existing routers out
> there are borderline overloaded since it's next to impossible to get most
> backbone providers to filter traffic when you're under attack.  UUNet
> certainly wouldn't for us because of "router CPU overhead" last time I was
> under attack.

What does a 'sho cdp nei' show on your uu-net connecting router?


-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
     Atheism is a non-prophet organization. I route, therefore I am.
       Alex Rubenstein, alex at nac.net, KC2BUO, ISP/C Charter Member
               Father of the Network and Head Bottle-Washer
     Net Access Corporation, 9 Mt. Pleasant Tpk., Denville, NJ 07834
 Don't choose a spineless ISP; we have more backbone!  http://www.nac.net
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --

• Previous message (by thread): Smurf tone down
• Next message (by thread): Smurf tone down
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]