image stream routers

Deepak Jain deepak at ai.net
Sat Sep 17 21:24:00 UTC 2005



>>>It sounds to me like a software based machine can
>>>be plenty fast with good code under the hood.
> 
> 
>>In my experience a datacenter pumping out 1Gbps is usually doing
>>200-250kpps in that direction. Considering this a box capable of
>>around 1Mpps is "plenty fast".
> 
> 
> ... until you get an inbound ddos over that shiny gige at 1.44 Mpps. in
> today's world, planning for normal circumstances is woefully insufficient,
> you have to spec based on worst case numbers because you're almost
> guaranteed they will hit your network upside the head in the future.
> 

Not to belabor the perennial software vs hardware router discussion, 
these types of platforms can be useful in situations where you have 
powerful hardware routers upstream of them to protect them. For example 
if you have access customers terminating on a router like this... if you 
get a DDOS from them, you simply turn off the port and notify them. If 
its inbound, your border router takes care of you.

just an idea.

Deepak Jain
AiNET




More information about the NANOG mailing list