On Nov 18, 2009, at 2:58 PM, Florian Weimer wrote: > Not really, forwarding 200 to 300 Mbps of attack traffic (or more) is > not a problem anymore.
My experience differs, and has for quite some time. It's really the pps and flows which are the killer. > That's like saying that the day of links with less than 10 Gbps of capacity > are over, from an availability perspective. Straw-man, you know better than that, heh. > And if your router fails to forward an outbound DoS attack, that's > actually a good thing, isn't it? Actually, the preferred outcome is that you can block it on the router with S/RTBH or an ACL or whatever, and the router stays up forwarding the non-attack traffic. ;> ----------------------------------------------------------------------- Roland Dobbins <rdobb...@arbor.net> // <http://www.arbornetworks.com> Injustice is relatively easy to bear; what stings is justice. -- H.L. Mencken _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp