Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Level3 routing issues?

  • From: Jared Mauch
  • Date: Tue Jan 28 11:35:42 2003

On Tue, Jan 28, 2003 at 03:34:15PM +0000, cowie@renesys.com wrote:
> Some BGP-speaking routers (not all, by any means, but some subpopulation)
> found themselves pegged at 100% CPU on Saturday.  Just one example: 
> 
>    http://noc.ilan.net.il/stats/ILAN-CPU/new-gp-cpu.html

	I wonder how much of this was because of packets
destined *TO* the router.  I don't know about you but I'm not
about to go put access-lists on all 600+ interfaces in some of
my routers.  My push is for Cisco to (and i'm sure others agree, as
well as the other vendors who don't have a similar feature today)
to port their "ip receive acl" to other important platforms.  The
GSR is not the only router that needs to be protected on the internet
and they seem to be missing that bit of direction.

http://www.cisco.com/en/US/products/sw/iosswrel/ps1829/products_feature_guide09186a00800a8531.html

	Not putting this feature in the next releases of software
would be irresponsible on their part after the critical nature
of this attack, IMHO.

	- jared

-- 
Jared Mauch  | pgp key available via finger from jared@puck.nether.net
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.