vyatta for bgp
owen at delong.com
Mon Sep 12 19:45:18 UTC 2011
On Sep 12, 2011, at 12:35 PM, Nick Hilliard wrote:
> On 12/09/2011 20:08, Michael K. Smith - Adhost wrote:
>> How do you come to this conclusion? I think a software-based router for
>> enterprise level (let's say on the 1G per provider level) can handle a
>> fair amount of zorching.
> I presume by "a fair amount", I presume you mean "barely any"?
> At large packet sizes, an "enterprise level" router will just about handle
> a 1G DoS attack. Thing is, bandwidth DoS / DDoS is sufficiently easy to
> pull off on a large scale that a 1G DoS is pretty easy.
> Incidentally, most service providers use "enterprise level" as a by-word
> for mediocre quality kit, lacking in both stability and useful features.
In your typical enterprise environment, a 1G DoS will zorch the link long
before it zorches the router at the enterprise side.
I agree that software-based routers are not a good choice for a backbone
provider, but, for an enterprise that is dealing with <1gbps links coming
in from ≤3 providers, the difference in cost makes a software router an
attractive option in many cases.
Of course it is important to understand the limitations of the solution you
choose, but, in such an environment, a USD100,000+ ASIC based router
may be like trying to kill a mosquito with a sledge hammer.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 2105 bytes
Desc: not available
More information about the NANOG