nanog mailing list archives
Re: Using crypto auth for detecting corrupted IGP packets?
From: Manav Bhatia <manavbhatia () gmail com>
Date: Fri, 1 Oct 2010 13:01:48 +0530
Buffering for 4-6 hours worth of control traffic is HUGE!If 4-6 hours of *control-plane* traffic on a given device is 'HUGE!', for some reasonable modern value of 'HUGE!', then there's definitely a problem on the network in question.
With BFD alone (assuming 20 sessions, 50ms timer) you will have 400pps. In 6 hours you will have around 8000K BFD packets. Add OSPF, RSVP, BGP, LACP (for lags), dot1AG, EFM and you would really get a significant number of packets to buffer. Cheers, Manav
Current thread:
- Re: Using crypto auth for detecting corrupted IGP packets? Dobbins, Roland (Oct 01)
- Re: Using crypto auth for detecting corrupted IGP packets? Manav Bhatia (Oct 01)
- Re: Using crypto auth for detecting corrupted IGP packets? Dobbins, Roland (Oct 01)
- Re: Using crypto auth for detecting corrupted IGP packets? Jared Mauch (Oct 01)
- Re: Using crypto auth for detecting corrupted IGP packets? Christopher Morrow (Oct 01)
- Re: Using crypto auth for detecting corrupted IGP packets? Dobbins, Roland (Oct 01)
- Re: Using crypto auth for detecting corrupted IGP packets? Manav Bhatia (Oct 01)
- <Possible follow-ups>
- Re: Using crypto auth for detecting corrupted IGP packets? John Kristoff (Oct 01)
- Re: Using crypto auth for detecting corrupted IGP packets? Manav Bhatia (Oct 13)