[Update] Re: New ISP to market, BCP 38, and new tactics

• Previous message (by thread): [Update] Re: New ISP to market, BCP 38, and new tactics
• Next message (by thread): outblaze contact
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 7/02/2009, at 5:20 AM, Brad Fleming wrote:

> On Feb 4, 2009, at 2:52 AM, Steve Bertrand wrote:
>>>>>
>>
>> http://tools.ietf.org/html/draft-kumari-blackhole-urpf-02
>>
>
> If I understand this correctly, there will be a route entered on  
> each edge router for all sources that are participating in a DDoS  
> attack. Is anyone worried about TCAM usage if one of their customers  
> gets hit with a larger DDoS attack? Add in our IPv6 and V4 multicast  
> tables chewing up more TCAM space and things get even more dicy!
>
> For my part, I'd be worried if the overall IPv4 unicast route table  
> got much larger than ~1million entries because our hardware-based  
> routers might run out of TCAM and bring the whole network to a  
> screeching halt.


Or more than 256k routes on a SUP2, or 192k/239K routes on a SUP720.

We are at 285798 as of last CIDR report.

So, I guess you should be worried.. now :-)

--
Nathan Ward

• Previous message (by thread): [Update] Re: New ISP to market, BCP 38, and new tactics
• Next message (by thread): outblaze contact
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]