nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re[2]: SYN floods (was: does history repeat itself?)

From: Alexis Rosen <alexis () panix com>
Date: Tue, 10 Sep 1996 22:31:03 -0400 (EDT)
Justin W. Newton writes:

At 02:12 PM 9/10/96 -0400, Alec H. Peterson wrote:


FWIW, even with a thousand very busy modems, I'm pretty sure that even a
small cisco is up to the job. They just don't generate all that much

traffic.


Could be, although I'd want to see this before I bet the farm on it.
I'm not sure how efficient crisco's filtering algorithm is...


I have found that 2500's do not have the processor for even basic filtering
when sitting in front of several hundred modems.  4700's on the other hand
(and 7200's) have the ability to handle the job with little difficulty.


Really? Is there something special about 2500s as compared to AGSes? Alec
pointed out to me that my numbers were a bit off, but they're not off by
that much. How much traffic was there on the 2500 that you were trying to
use for filtering? And how many ports were in use?

FWIW, in terms of low-cost solutions, 4000s and 4500s may still be available,
and I think the 4000 has the same CPU as an AGS (25MHz 68040) though I might
be misremembering. I'm sure the 4500 is plenty- it's got a 100MHz MIPS chip
(from IDT, I think).

/a
- - - - - - - - - - - - - - - - -
Previous By Date Next
Previous By Thread Next

Current thread: