IPSEC VPNs capable of handling worm traffic
dgolding at burtongroup.com
Thu Nov 20 00:15:40 UTC 2003
All of these cute references to "vendor c" and "vendor n" go by the wayside
when we slip and say "Nortel" or refer to "CEF". :)
IMHO, if you aren't breaking an NDA, you might as well name names. If you
are breaking an NDA, using initials won't screen you from legal jeopardy...
- Daniel Golding
On 11/19/03 6:27 PM, "Magnus Eriksson" <magnus at eriksson.mu> wrote:
> The last 2 days I've been fighting against the Nachi ICMP onslaght on a
> customer network.
> Problem is that the "random" destination traffic seem to kill my VPNs by
> vendor N. CPU is consumed, probably due to trying to maintain/update
> route cache. Or maybe it hits it's pps limit.
> Ordinary traffic req. is approx. 10 Mbit/s mixed traffic.
> Worm traffic I would like to be able to handle is approx 2-3kpps.
> Anyone know of any VPN boxes/routers with VPN capability that is better
> able to handle the onslaught? Is vendors C's boxes better than Nortel's?
> Is CEF going to help me? Or is the problem pps related?
> Will it help to throw a bigger box at the problem?
> Any advice greatly appreciated.
> Magnus - Sweden
More information about the NANOG