Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: [long] Re: DDoS: CAR vs TCP-Intercept vs NetFlow

  • From: Paul Ferguson
  • Date: Mon Feb 28 22:36:37 2000

At 12:06 AM 02/29/2000 -0300, Rubens Kuhl Jr. wrote:

Thanks for the long answer, but this question was actually on how the router
performance impact of CAR or TCP-Intercept changes between using CEF
switching (ip route-cache cef, default) and CEF-Flow switching (ip
route-cache cef + ip-route cache flow). Although NetFlow impacts router
performance a little, running CEF-Flow makes large access-list processing
faster than just running CEF; I think some other features (IPSec ?) also
have performance gains. I was wondering whether CAR and/or TCP-Intercept
would have better performance with CEF-Flow.
Again, forget about flow-switching in any context except for
tracing back attackers.

If you want the functionality to lower the threshold of DoS pain,
CEF is your baby.

This is an operational forum, yes? Where is the input from the
(current) operators?

- paul

ps. And they can both be used in conjunction with one another to
reach an end goal...






Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.