> From: Saku Ytti [mailto:s...@ytti.fi]
> Sent: Saturday, May 21, 2016 2:36 PM
>
> On 21 May 2016 at 16:15, Adam Vitkovsky <adam.vitkov...@gamma.co.uk>
> wrote:
> >> I'm very very dubious if there is business case to plan to congest XL.
> >> I consider lookup congestion fault which needs to be fixed.
> >>
> > Well during DDoS attack the XL will get congested so you better be
> prepared for that.
>
> I disagree. It will only get congested if you have 0 background or you have
> background consisting of only small packets or atypical lookup cost. You
> should design/populate ports so that this is non-issue.
> If you know you have atypical lookup cost or only small packets, then you
> should leave some ports unconnected, so that you can guarantee there is
> margin.
>
> In vast majority of networks there is IMIX background of >500B average size,
> then even with modest background you have nothing to worry about, you
> can't fit more work on the wire than the LX can handle.
>
Aww now I see where the confusion is coming from.
I wasn't talking about the traffic entering the PFE via WAN input, but I meant
traffic coming in via Fabric input, should have mention that explicitly.
Unless you have cone filters at all AS entry points you can't really control or
capacity manage how much traffic is going to be sent down to any port hosting
publically accessible services or customers during a DDoS attack.
In this direction (from fabric) it is very easy for a PFE to get oversubscribed
and it doesn't even need to be doing anything fancy and can have just one
active port on it, just the 240Gbps from fabric can max it out.
adam
Adam Vitkovsky
IP Engineer
T: 0333 006 5936
E: adam.vitkov...@gamma.co.uk
W: www.gamma.co.uk
This is an email from Gamma Telecom Ltd, trading as “Gamma”. The contents of
this email are confidential to the ordinary user of the email address to which
it was addressed. This email is not intended to create any legal relationship.
No one else may place any reliance upon it, or copy or forward all or any of it
in any form (unless otherwise notified). If you receive this email in error,
please accept our apologies, we would be obliged if you would telephone our
postmaster on +44 (0) 808 178 9652 or email postmas...@gamma.co.uk
Gamma Telecom Limited, a company incorporated in England and Wales, with
limited liability, with registered number 04340834, and whose registered office
is at 5 Fleet Place London EC4M 7RD and whose principal place of business is at
Kings House, Kings Road West, Newbury, Berkshire, RG14 5BY.
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
