FlowSpec

• Previous message (by thread): FlowSpec
• Next message (by thread): FlowSpec
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 23 Apr 2020, at 22:57, Denys Fedoryshchenko wrote:

> In general operators don't like flowspec

Its increasing popularity tens to belie this assertion.

Yes, you're right that avoiding overflowing the TCAM is very important.  
But as Rich notes, a growing number of operators are in fact using 
flowspec within their own networks, when it's appropriate.

Smart network operators tend to do quite a bit of lab testing, 
prototyping, PoCs, et. al. against the very specific combinations of 
platforms/linecards/ASICs/OSes/trains/revisions before generally 
deploying new features and functionality; this helps ameliorate many 
concerns.

Also, don't forget about S/RTBH.  It's generally confined to within an 
operator's own span of administrative control for some of the same 
reasons as flowspec (not generally TCAM, per se, but concerns about 
giving Customer A the ability to interfere with Customer B's traffic, 
and the difficulty of implementing such constraints).  It can be an 
option worth exploring, in many circumstances.

--------------------------------------------
Roland Dobbins <roland.dobbins at netscout.com>

• Previous message (by thread): FlowSpec
• Next message (by thread): FlowSpec
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]