nanog mailing list archives
Re: Using Policy Routing to stop DoS attacks
From: Rafi Sadowsky <rafi-nanog () meron openu ac il>
Date: Tue, 25 Mar 2003 16:33:15 +0200 (IST)
## On 2003-03-25 09:06 -0500 Christian Liendo typed:
[snip]
CL>
CL> Depending on the router and the code, if I implement an access-list then
CL> the CPU utilization shoots through the roof.
CL> What I would like to try and do is use source routing to route that traffic
CL> to null. I figured it would be easier on the router than an access-list.
CL>
CL> Has anyone else tried this successfully on ciscos and junipers?
CL> Is it easier on the CPU than access-lists?
Details ?
Which Cisco router ? IOS ?
HW/SW/CEF/netflow/<whatver> "IP switching" ?
As you seem to have noticed these "little details" matter ...
--
Rafi
Current thread:
- Using Policy Routing to stop DoS attacks Christian Liendo (Mar 25)
- Re: Using Policy Routing to stop DoS attacks Haesu (Mar 25)
- Re: Using Policy Routing to stop DoS attacks Christian Liendo (Mar 25)
- Re: Using Policy Routing to stop DoS attacks Jack Bates (Mar 25)
- Re: Using Policy Routing to stop DoS attacks Rafi Sadowsky (Mar 25)
- Re: Using Policy Routing to stop DoS attacks John Kristoff (Mar 25)
- Re: Using Policy Routing to stop DoS attacks Haesu (Mar 25)
- Re: Using Policy Routing to stop DoS attacks fingers (Mar 25)
- Re: Using Policy Routing to stop DoS attacks Christopher L. Morrow (Mar 25)
- Re: Using Policy Routing to stop DoS attacks Haesu (Mar 25)
- Re: Using Policy Routing to stop DoS attacks Haesu (Mar 25)
- Re: Using Policy Routing to stop DoS attacks Haesu (Mar 25)
- Re: Using Policy Routing to stop DoS attacks Christopher L. Morrow (Mar 25)
- <Possible follow-ups>
- RE: Using Policy Routing to stop DoS attacks Jim Deleskie (Mar 25)
- RE: Using Policy Routing to stop DoS attacks Christopher L. Morrow (Mar 25)
- Re: Using Policy Routing to stop DoS attacks Andre Chapuis (Mar 28)
- Re: Using Policy Routing to stop DoS attacks Charles H. Gucker (Mar 28)