Re: (PM) Which router to use for BGP-4?

Tim Tsai (tim@futuresouth.com)
Fri, 3 Jul 1998 18:29:49 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Jon Lewis: "Re: (PM) Which router to use for BGP-4?"
Previous message: Jordyn A. Buchanan: "Re: (PM) Which router to use for BGP-4?"
In reply to: Karl Denninger : "Re: (PM) Which router to use for BGP-4?"
Next in thread: Jon Lewis: "Re: (PM) Which router to use for BGP-4?"

On Fri, Jul 03, 1998 at 07:25:00PM -0400, Jordyn A. Buchanan wrote:
> I don't get it. A Smurf attack is just packets, right? I've seen our 3640
> handle a whole lot more than a saturated T-1 worth of packets. In fact,
> the one time we were smurfed, the line that got toasted was running into a
> 2501, and its processor was able to handle the load, the line just sat
> maxed out for a while... (We even got legitimate packets through now and
> then, but they were an unfortunately small part of the total flow...)
>
> What is it about a smurf attack that makes it CPU-intensive?

Lots of little packets. The 3600 series starts to choke when you have
more than 1000 packets on a single interface. Imagine my surprise during
one such attack and have the Cisco engineer suggest a 7500 to me. On
two T1's! I've seen it hit at 3000 packets/s - you can forget about any
response time. CPU at 99%, etc.

Our 3640 handles our two T1's with tons of heavy filters and traffic
shapping just fine too, as long as that packets/s rate is low.

Tim
-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.
Searchable list archive: <URL:http://www.livingston.com/Tech/archive/>

Next message: Jon Lewis: "Re: (PM) Which router to use for BGP-4?"
Previous message: Jordyn A. Buchanan: "Re: (PM) Which router to use for BGP-4?"
In reply to: Karl Denninger : "Re: (PM) Which router to use for BGP-4?"
Next in thread: Jon Lewis: "Re: (PM) Which router to use for BGP-4?"