nanog mailing list archives
Re: ICMP rate limiting on EGRESS (Warning, operational content inside)
From: Wayne Bouchard <web () typo org>
Date: Mon, 17 Jan 2000 10:37:20 -0700 (MST)
It is reasonably well acknowledge that ratelimiting ICMP on *ingress* to your network can be a good thing to do, if you have available resources to do it. How about players rate-limiting ICMP on *egress* of the network over public exchange points. I have been on the wrong end of several smurfs over 100Mb/s over MAE-East & West, as, I'm sure have others. Whenever anyone is smurfed like this, I presume their port blocks, and anyone sending them data has head of line blocking. Which means, in effect, anyone peering with anyone who is being (sufficiently smurfed) will experience packet loss to *other* peers.
DOesn't work. Cisco decided that wasn't the best application for it so egress is MONUMENTALLY innefficient and cpu intensive. (bye, bye little router) ---------------------------------------------------------------------- Wayne Bouchard [Immagine Your ] web () typo org [Company Name Here] Network Engineer ----------------------------------------------------------------------
Current thread:
- ICMP rate limiting on EGRESS (Warning, operational content inside) Alex Bligh (Jan 16)
- Re: ICMP rate limiting on EGRESS (Warning, operational content inside) Randy Bush (Jan 16)
- Re: ICMP rate limiting on EGRESS (Warning, operational content inside) Sam Thomas (Jan 17)
- Re: ICMP rate limiting on EGRESS (Warning, operational content inside) Paul Ferguson (Jan 17)
- Message not available
- Re: ICMP rate limiting on EGRESS (Warning, operational contentinside) Paul Ferguson (Jan 17)
- Re: ICMP rate limiting on EGRESS (Warning, operational content inside) Sam Thomas (Jan 17)
- Re: ICMP rate limiting on EGRESS (Warning, operational content inside) bmanning (Jan 17)
- Re: ICMP rate limiting on EGRESS (Warning, operational content inside) Randy Bush (Jan 16)