Re: vyatta for bgp

[Owen DeLong <owen () delong com>]

On Sep 12, 2011, at 12:35 PM, Nick Hilliard wrote:

> On 12/09/2011 20:08, Michael K. Smith - Adhost wrote:
> > How do you come to this conclusion?  I think a software-based router for
> > enterprise level (let's say on the 1G per provider level) can handle a
> > fair amount of zorching.
>
> I presume by "a fair amount", I presume you mean "barely any"?
>
> At large packet sizes, an "enterprise level" router will just about handle
> a 1G DoS attack.  Thing is, bandwidth DoS / DDoS is sufficiently easy to
> pull off on a large scale that a 1G DoS is pretty easy.
>
> Incidentally, most service providers use "enterprise level" as a by-word
> for mediocre quality kit, lacking in both stability and useful features.
>
> Nick

In your typical enterprise environment, a 1G DoS will zorch the link long
before it zorches the router at the enterprise side.

I agree that software-based routers are not a good choice for a backbone
provider, but, for an enterprise that is dealing with <1gbps links coming
in from ≤3 providers, the difference in cost makes a software router an
attractive option in many cases.

Of course it is important to understand the limitations of the solution you
choose, but, in such an environment, a USD100,000+ ASIC based router
may be like trying to kill a mosquito with a sledge hammer.

Owen

Attachment: smime.p7s
Description: