> I also did some worm-related troubleshooting and my intuition tells me > that something will surely explode in such an architecture. Just a > feeling, probably because you'll have to keep too much state per > packet or because end hosts will get another leverage over the routers > in terms of operations per packet...
Reasonable, the default mapper will have to maintain a huge per-flow-based status statistics table. What's the estimated amount of statistics for each default-mapper? In fact, the DDoS attack risk is a common problem for almost all the cache-ITR-based approaches, not just for APT. Best wishes, Xiaohu XU -- to unsubscribe send a message to [EMAIL PROTECTED] with the word 'unsubscribe' in a single line as the message text body. archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg
