BW Management solutions advice

Pekka Savola pekkas at netcore.fi
Sat Oct 23 05:12:39 UTC 2004


On Fri, 22 Oct 2004, Albinati, Luis Martin wrote:
> I am considering some bandwidth management solutions and would like to
> know if some of you people have had some real world experiences with
> this kind of boxes.
> More specifically I am looking at some Large-ISP or Carrier-Grade
> solutions with at least the following specifications:
> 
> >= 1Gbps traffic capacity
> >500k simultaneous connections
> Layer 7 stateful packet inspection (via protocol signatures and/or
> protocol analysis)
> Traffic prioritization, shaping, QoS and bandwidth provisioning based on
> custom defined policies (vlan id, ip ranges, tos, time of day, etc)
> possibility to easily update and deploy new or modified protocol
> definitions without affecting availability.

Add here: "automatic rate-limiter adaptation" / "attack pattern
recognition".

Do we still have solutions on the table?  I'd be interested what kind
of solutions are available in Gbit/s-grade which do not need you to
configure certain kind of rate-limiters a priori, but can
automatically react to most kinds of attacks, even simple ones (e.g.,
TCP SYN floods).

-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings




More information about the NANOG mailing list