Using Policy Routing to stop DoS attacks

Jim Deleskie jdeleski at rci.rogers.com
Tue Mar 25 15:33:43 UTC 2003




>If you fooled the router into thinking that the reverse path for the
>source is on another interface and then used strict unicast RPF
>checking, that may accomplish what you want without using ACLs.  I don't
>know what impact it would have on your CPU however, you'll have to
>investigate or provide more details.


However, you'd also risk losing any traffic that was asymmetric in nature.


-Jim
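
The following is an added example, not part of the original thread: a small Python model of the strict unicast RPF check discussed above, showing both the route-override trick and the asymmetric-traffic loss Jim warns about. The prefixes, interface names (`if-a`, `if-b`, `discard`) and the simplified loose mode are constructed assumptions, not any vendor's implementation.

```python
import ipaddress

# Constructed FIB (assumption): prefix -> interface the router uses to reach it.
FIB = {
    "198.51.100.0/24": "if-a",
    "203.0.113.0/24": "if-b",
}

def lookup(fib, addr):
    """Longest-prefix match; returns the egress interface or None."""
    ip = ipaddress.ip_address(addr)
    best = None
    for prefix, ifname in fib.items():
        net = ipaddress.ip_network(prefix)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, ifname)
    return best[1] if best else None

def urpf_accept(fib, src, in_if, mode="strict"):
    """Strict: reverse path to src must be the arrival interface.
    Loose (simplified here): any route to src is enough."""
    rev = lookup(fib, src)
    if rev is None:
        return False
    return True if mode == "loose" else rev == in_if

def with_override(fib, prefix, ifname):
    """Copy of the FIB with a more-specific route that moves the
    reverse path for `prefix` to another interface."""
    new = dict(fib)
    new[prefix] = ifname
    return new

if __name__ == "__main__":
    # Unwanted source arrives on if-a; its reverse path is also if-a, so it passes.
    print(urpf_accept(FIB, "198.51.100.66", "if-a"))            # True
    # Point a /32 for that source at a different interface: strict uRPF drops it.
    fib2 = with_override(FIB, "198.51.100.66/32", "discard")
    print(urpf_accept(fib2, "198.51.100.66", "if-a"))           # False
    print(urpf_accept(fib2, "198.51.100.7", "if-a"))            # True
    # Asymmetric flow: legitimate host routed back via if-b, but packets arrive on if-a.
    print(urpf_accept(FIB, "203.0.113.10", "if-a"))             # False
    print(urpf_accept(FIB, "203.0.113.10", "if-a", "loose"))    # True
```

The fourth case is the caveat from the reply: strict mode cannot tell a spoofed source from a legitimate one whose forward and return paths use different interfaces.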



More information about the NANOG mailing list