RE: more on filtering

["Matthew Kaufman" <matthew () eeph com>]

Well, interestingly, in our network, Juniper makes all of our new core
routers. Specifically because Cisco routers were melting down at an
unacceptable rate.

But there was no such thing as Juniper when we started building (so we still
have a lot of Cisco routers in the network), and they don't make DSLAMs or
DSL/ATM customer aggregation boxes, so we still get to deal with
traffic-dependent performance. And I'm sure we're not the only network in
this situation.

Should I replace every box in the network with a Juniper and pass the cost
along to the customers? (New line item on the bills: "we won't filter worm
traffic tax")

Even if I had an all-Juniper network, I'd still need to decide what to do
about DDOS attacks... Do I just call my circuit vendors and keep adding
OC48s until the problem goes away?

Matthew Kaufman
matthew () eeph com

> -----Original Message-----
> From: owner-nanog () merit edu [mailto:owner-nanog () merit edu] On 
> Behalf Of Alex Yuriev
> Sent: Friday, October 31, 2003 6:29 AM
> To: Matthew Kaufman
> Cc: 'Greg Maxwell'; 'Chris Parker'; nanog () merit edu
> Subject: RE: more on filtering
>
>
>
> > Do you actually believe that it was a BAD idea for Cisco to build a 
> > router that is more efficient (to the point of being able to handle 
> > high-rate interfaces at all) when presented with traffic flows that 
> > look like real sessions?
>
> Why buy something that works well only sometimes ("we are 
> very efficient when it looks like 'real' traffic" from Cisco) 
>  when you can buy ("no one told us that we should have issues 
> with some specific packets") Juniper?
>
> Alex