nanog mailing list archives
Re: Vyatta as a BRAS
From: khatfield () socllc net
Date: Tue, 13 Jul 2010 18:29:52 +0000
Routing. We can route that. If it were targeting the box itself it would depend if the attack were getting through. Certainly iptables can't handle something like that but pf does well with high PPS rates. If it were all 'DROP' traffic then likely higher. If it were hitting the box directly and getting past the firewall, yes it would be substantially lower. We were talking about routing though. ------Original Message------ From: Dobbins, Roland To: NANOG list Subject: Re: Vyatta as a BRAS Sent: Jul 13, 2010 12:56 PM On Jul 14, 2010, at 12:39 AM, <khatfield () socllc net> <khatfield () socllc net> wrote:
I haven't done real world testing with Vyatta but we consistently pass 750KPPS+ without the slightest hiccup on our FreeBSD routing systems.
750kpps packeting the box itself? Also, note that kpps is a small amount of traffic, compared to what even very small botnets can dish out. ----------------------------------------------------------------------- Roland Dobbins <rdobbins () arbor net> // <http://www.arbornetworks.com> Injustice is relatively easy to bear; what stings is justice. -- H.L. Mencken
Current thread:
- Re: Vyatta as a BRAS, (continued)
- Re: Vyatta as a BRAS Dobbins, Roland (Jul 18)
- Re: Vyatta as a BRAS Dobbins, Roland (Jul 18)
- Re: Vyatta as a BRAS Mark Smith (Jul 18)
- Re: Vyatta as a BRAS Dobbins, Roland (Jul 18)
- Re: Vyatta as a BRAS Brett Frankenberger (Jul 18)
- Re: Vyatta as a BRAS Tim Durack (Jul 18)
- Re: Vyatta as a BRAS Mark Smith (Jul 19)
- RE: Vyatta as a BRAS Akyol, Bora A (Jul 19)
- Re: Vyatta as a BRAS Tony Li (Jul 20)
- Re: Vyatta as a BRAS Lamar Owen (Jul 20)
- Re: Vyatta as a BRAS Dobbins, Roland (Jul 13)
- Re: Vyatta as a BRAS Lamar Owen (Jul 13)