nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: TCP session disconnection caused by Code Red?

From: Blaz Zupan <blaz () amis net>
Date: Tue, 7 Aug 2001 06:40:02 +0200 (CEST)


It's not the packets per second that seems to kill them, its
the amount of arp cache and sessions (figure 600 packets per second,
each packet to a different host...Thats a lot of sessions in 5 minutes)


Curious, in that case consider null routing unused blocks, perhaps take
the opportunity to improve on subnet and vlan distribution to help the
null routing.


That's exactly the case. All the unused IP addresses are nullrouted and most
of the traffic was destined for the nullrouted addresses. I don't think a lot
of arp activity was going on.

Blaz Zupan,  Medinet d.o.o, Trzaska 85, SI-2000 Maribor, Slovenia
E-mail: blaz () amis net, Tel: +386-2-320-6320, Fax: +386-2-320-6325
Previous By Date Next
Previous By Thread Next

Current thread: