North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Smurf tone down
> 1) Can't run CEF. There are some situations under which CEF causes > problems. The good news is these are getting to be fewer and fewer > every day, but as recently as 6 months ago it would regularly crash > routers with some line cards under heavy loads. I expect this reason > to disappear completely within another 6 months. Good arguement. But it seems that no one is doing it. > Also, in the can't run catagory there are some (usually smaller) > providers still using 7000's, 4000's, and other (dare I say even > 2501's?) for customer attach. Au contrair, monfrair (sp?!); CEF & CAR is available on many platforms now; we've got it running on 3600's, 4700's, and 7200's. My understanding is that is will also work on 2500's (I was told anything but PowerPC based systems). > 2) Can't spare the CPU. Sometimes this has to do with the load of CAR, > although generally I expect this is due to other things. If you have > 150-200 T1 customers on a 7513 (easy to get with CT3 cards) and you > run BGP to even just 25% of them, and you still have RSP2's then > you probably don't have CPU to even think about giving to CAR, no > matter how little it uses. As said before, the demonstrable increase in load using CAR is abot 0-2%. > 3) Can't manage it. Providers are understaffed with clueful people. Is this really that hard? access-list 175 permit icmp any any int bleh/bleh rate-limit input access-group 175 128000 8000 8000 conform-action transmit exceed-action drop rate-limit output access-group 175 128000 8000 8000 conform-action transmit exceed-action drop > 4) Don't care. I don't mean this in shallow "screw the customer" way. > them so they can be perminantly shut off. If it doesn't saturate > your links and your routers it's not your problem. But it could/might. I've seen repeatedly when other downstreams off the same upstream router as us be attacked, the upstreams router usually is unhappy. > > 5) It's none of their business. This one works people up. The logic > goes like this. If my provider CAR's ICMP automatically, why don't > they also CAR porn automatically, so it's only a little traffic. > Oh, and SPAM, that should be CAR'ed to help reduce it. All e-mail > to and from a competitor, that should be CAR'ed really low.... > > It's a dangerous road to go down. I don't subscribe to this. Your talking about two different levels of the ISO model :-) -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- Atheism is a non-prophet organization. I route, therefore I am. Alex Rubenstein, [email protected], KC2BUO, ISP/C Charter Member Father of the Network and Head Bottle-Washer Net Access Corporation, 9 Mt. Pleasant Tpk., Denville, NJ 07834 Don't choose a spineless ISP; we have more backbone! http://www.nac.net -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
|