Re: Smurf tone down

[alex () nac net]

> 1) Can't run CEF.  There are some situations under which CEF causes
>    problems.  The good news is these are getting to be fewer and fewer
>    every day, but as recently as 6 months ago it would regularly crash
>    routers with some line cards under heavy loads.  I expect this reason
>    to disappear completely within another 6 months.

Good arguement. But it seems that no one is doing it.


>    Also, in the can't run catagory there are some (usually smaller)
>    providers still using 7000's, 4000's, and other (dare I say even
>    2501's?) for customer attach.

Au contrair, monfrair (sp?!); CEF & CAR is available on many platforms
now; we've got it running on 3600's, 4700's, and 7200's. My understanding
is that is will also work on 2500's (I was told anything but PowerPC based
systems).


> 2) Can't spare the CPU.  Sometimes this has to do with the load of CAR,
>    although generally I expect this is due to other things.  If you have
>    150-200 T1 customers on a 7513 (easy to get with CT3 cards) and you
>    run BGP to even just 25% of them, and you still have RSP2's then
>    you probably don't have CPU to even think about giving to CAR, no
>    matter how little it uses.

As said before, the demonstrable increase in load using CAR is abot 0-2%.

> 3) Can't manage it.  Providers are understaffed with clueful people.

Is this really that hard?

access-list 175 permit icmp any any
int bleh/bleh
 rate-limit input access-group 175 128000 8000 8000 conform-action transmit exceed-action drop
 rate-limit output access-group 175 128000 8000 8000 conform-action transmit exceed-action drop




> 4) Don't care.  I don't mean this in shallow "screw the customer" way.
>    them so they can be perminantly shut off.  If it doesn't saturate
>    your links and your routers it's not your problem.

But it could/might. I've seen repeatedly when other downstreams off the
same upstream router as us be attacked, the upstreams router usually is
unhappy.


> 5) It's none of their business.  This one works people up.  The logic
>    goes like this.  If my provider CAR's ICMP automatically, why don't
>    they also CAR porn automatically, so it's only a little traffic.
>    Oh, and SPAM, that should be CAR'ed to help reduce it.  All e-mail
>    to and from a competitor, that should be CAR'ed really low....
>
>    It's a dangerous road to go down.

I don't subscribe to this. Your talking about two different levels of the
ISO model :-)



-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
     Atheism is a non-prophet organization. I route, therefore I am.
       Alex Rubenstein, alex () nac net, KC2BUO, ISP/C Charter Member
               Father of the Network and Head Bottle-Washer
     Net Access Corporation, 9 Mt. Pleasant Tpk., Denville, NJ 07834
 Don't choose a spineless ISP; we have more backbone!  http://www.nac.net
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --