Re: Level3 routing issues?

["Robert A. Hayden" <rhayden () geek net>]

What about doing some priority-based QoS?  If a single IP exceeds X amount
of traffic, prioritize traffic above that threshold as low.  It would keep
any one single host from saturating a link if the threshold is low.

For example, you may say that each IP is limited to 10mb of prioirty
traffic.  Yes, a compromised host may try to barf out 90mb of chaff, but
the excess would be moved down the totem pole.

Obviously, this may not make sense in all environments, but in a campus or
large enterprise situation, I can see this occuring on your WAN links in
particular.

On Sat, 25 Jan 2003, K. Scott Bethke wrote:

> BIll,
> ----- Original Message -----
> From: "Bill Woodcock" <woody () pch net>
> > I'd agree with it.  Except the herds of losers who still buy exploding
> > crap from Vendor M don't seem to be thinning themselves out quickly
>
> dude, the Exploding Cars are so much easier to drive than the ones from
> Vendor L.  (tic)
>
> > enough.  Maybe they're sexually attractive to each other, and reproduce
> > before their stupidity kills them.  That would be unfortunate.  Or maybe
> > it's just that none of this computer stuff actually matters, so exploding
> > crap isn't actually fatal.  Maybe that's it.
>
> I think it sucks that they are exploding on MY highway.
>
> With that in mind is it time yet to talk about solutions to problems like
> this from the network point of view?  Sure its easy to put up access list's
> when needed but I have 100megs available to me on egress and I was trying to
> push 450megs.  Is there anything protocol, vendor specific or otherwise that
> will not allow rogue machines to at will take up 100% of available
> resources?  I know extreme networks has the concept of Max Port utilization
> on thier switches, will this help?  Suggestions?
>
> -Scotty