nanog mailing list archives
Re: Using Policy Routing to stop DoS attacks
From: Rafi Sadowsky <rafi-nanog () meron openu ac il>
Date: Tue, 25 Mar 2003 16:33:15 +0200 (IST)
## On 2003-03-25 09:06 -0500 Christian Liendo typed: [snip] CL> CL> Depending on the router and the code, if I implement an access-list then CL> the CPU utilization shoots through the roof. CL> What I would like to try and do is use source routing to route that traffic CL> to null. I figured it would be easier on the router than an access-list. CL> CL> Has anyone else tried this successfully on ciscos and junipers? CL> Is it easier on the CPU than access-lists? Details ? Which Cisco router ? IOS ? HW/SW/CEF/netflow/<whatver> "IP switching" ? As you seem to have noticed these "little details" matter ... -- Rafi
Current thread:
- Using Policy Routing to stop DoS attacks Christian Liendo (Mar 25)
- Re: Using Policy Routing to stop DoS attacks Haesu (Mar 25)
- Re: Using Policy Routing to stop DoS attacks Christian Liendo (Mar 25)
- Re: Using Policy Routing to stop DoS attacks Jack Bates (Mar 25)
- Re: Using Policy Routing to stop DoS attacks Rafi Sadowsky (Mar 25)
- Re: Using Policy Routing to stop DoS attacks John Kristoff (Mar 25)
- Re: Using Policy Routing to stop DoS attacks Haesu (Mar 25)
- Re: Using Policy Routing to stop DoS attacks fingers (Mar 25)
- Re: Using Policy Routing to stop DoS attacks Christopher L. Morrow (Mar 25)
- Re: Using Policy Routing to stop DoS attacks Haesu (Mar 25)
- Re: Using Policy Routing to stop DoS attacks Haesu (Mar 25)
- Re: Using Policy Routing to stop DoS attacks Haesu (Mar 25)
- Re: Using Policy Routing to stop DoS attacks Christopher L. Morrow (Mar 25)
- <Possible follow-ups>
- RE: Using Policy Routing to stop DoS attacks Jim Deleskie (Mar 25)
- RE: Using Policy Routing to stop DoS attacks Christopher L. Morrow (Mar 25)
- Re: Using Policy Routing to stop DoS attacks Andre Chapuis (Mar 28)
- Re: Using Policy Routing to stop DoS attacks Charles H. Gucker (Mar 28)