Rate-limiting BCOP?

• Previous message (by thread): Rate-limiting BCOP?
• Next message (by thread): IP whitelisting in twitter (the joy of full tunnel VPN)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 24/May/20 15:55, Tarko Tikan wrote:

>
> DDoS can be a problem in this scenario. Assuming the PEs have plenty
> of capacity available and you can afford DDoS to reach PE, then you
> would shape to customer contract speed, drop the DDoS traffic and
> would not congest your access device uplink.

That is one advantage of policing at the switch port, yes. But that
would be to manage traffic coming in from the customer.

If the attack traffic is coming from the Internet (toward the customer),
then policing on the router saves the router-switch trunk.

Either way, over-sizing router-switch trunks is always best.

Mark.

• Previous message (by thread): Rate-limiting BCOP?
• Next message (by thread): IP whitelisting in twitter (the joy of full tunnel VPN)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]