From: Henning Schmiedehausen <hps@intermeta.de>
To: Florian Weimer <fw@deneb.enyo.de>
Cc: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: bandwidth for bkbits.net (good news)
Date: 05 Sep 2003 17:35:57 +0200 [thread overview]
Message-ID: <1062776157.20632.1697.camel@forge.intermeta.de> (raw)
In-Reply-To: <874qzrsljc.fsf@deneb.enyo.de>
On Fri, 2003-09-05 at 10:10, Florian Weimer wrote:
> > You need a shaper connected to the ISP backbone which shapes the
> > outgoing traffic for you and a border router which talks to the T1
> > (C17xx or C26xx). Normally, if your ISP has some sort of clue, you
> > will also need a bastion router which can handle backbone <-> 100 MBit
> > traffic and does dynamic routing updates (EGP or OSPF) to the ISP
> > backbone (A C26xx or C37xx).
>
> C37xx can handle a maximum load of 225 kpps (data sheet number,
> i.e. this value cannot be exceeded even under most favorable
> conditions), the others handle even less. Such routers are of no help
> during a DoS attack.
>
> Yes, I snipped the DoS context, and your approach would work in a
> benign environment. 8-)
225kpps * 64 Bytes (minimum packet len) = 13,7 MBytes / sec
100 MBit / 8 bit = 12,5 MBytes / sec
So, IMHO even with a small packet saturated 100 MBit link you won't
reach 225kpps. AFAIK this was Ciscos intention to publish this number.
It basically says "you will have filled your link before you fill our
router".
I'm pretty sure that your 37xx won't do any routing updates anymore at
this point. And if you do _anything_ that forces the packets down the
slow path from the routing engine, you're toast anyway.
But I'm pretty sure that a C37xx would handle full 100 MBit traffic to a
busy website without any problems. In fact, I know that it does. ;-) (We
did switch to a C12000 shortly after, mainly because we went Gigabit).
Regards
Henning
--
Dipl.-Inf. (Univ.) Henning P. Schmiedehausen INTERMETA GmbH
hps@intermeta.de +49 9131 50 654 0 http://www.intermeta.de/
Java, perl, Solaris, Linux, xSP Consulting, Web Services
freelance consultant -- Jakarta Turbine Development -- hero for hire
"Dominate!! Dominate!! Eat your young and aggregate! I have grotty silicon!"
-- AOL CD when played backwards (User Friendly - 200-10-15)
next prev parent reply other threads:[~2003-09-05 15:36 UTC|newest]
Thread overview: 71+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <q2SH.AA.3@gated-at.bofh.it>
[not found] ` <qfwI.15D.27@gated-at.bofh.it>
[not found] ` <qgCn.2y4.11@gated-at.bofh.it>
2003-08-30 22:58 ` bandwidth for bkbits.net (good news) Pascal Schmidt
2003-08-30 23:07 ` Larry McVoy
2003-08-31 1:05 ` Pascal Schmidt
2003-08-31 1:39 ` Andrea Arcangeli
2003-08-31 2:18 ` Jeff Sipek
2003-08-31 2:42 ` Andrea Arcangeli
2003-08-31 2:56 ` Larry McVoy
2003-08-31 13:15 ` Alan Cox
2003-08-31 14:45 ` Andrea Arcangeli
2003-08-31 15:31 ` Alan Cox
2003-08-31 15:43 ` Jörn Engel
2003-08-31 15:50 ` Andrea Arcangeli
2003-08-31 17:06 ` Florian Weimer
2003-08-31 21:21 ` Larry McVoy
2003-09-02 7:06 ` Henning P. Schmiedehausen
2003-09-05 8:10 ` Florian Weimer
2003-09-05 15:35 ` Henning Schmiedehausen [this message]
2003-09-05 15:50 ` Florian Weimer
2003-09-05 16:10 ` P
2003-09-05 16:43 ` Ricky Beam
2003-09-07 11:55 ` Henning Schmiedehausen
2003-09-07 18:41 ` Ricky Beam
2003-09-08 8:57 ` [COMPLETELY OFF-TOPIC] " Henning Schmiedehausen
2003-09-02 21:52 ` Ricky Beam
2003-09-05 8:16 ` Florian Weimer
2003-08-31 15:44 ` Andrea Arcangeli
2003-08-31 16:22 ` Larry McVoy
2003-08-31 16:33 ` Andrea Arcangeli
2003-08-31 16:48 ` Larry McVoy
2003-08-31 17:06 ` Andrea Arcangeli
2003-08-31 21:18 ` Larry McVoy
2003-08-31 22:49 ` Andrea Arcangeli
2003-08-31 22:52 ` Alan Cox
2003-08-31 22:58 ` Larry McVoy
2003-08-31 23:02 ` Andrea Arcangeli
2003-08-31 23:07 ` Larry McVoy
2003-08-31 23:22 ` Andrea Arcangeli
2003-09-01 0:12 ` Larry McVoy
2003-09-01 0:19 ` Jamie Lokier
2003-09-01 0:33 ` Larry McVoy
2003-09-01 11:43 ` Alan Cox
2003-09-01 16:13 ` Andrea Arcangeli
2003-09-01 16:24 ` Larry McVoy
2003-09-01 16:28 ` Alan Cox
2003-09-01 16:38 ` Andrea Arcangeli
2003-08-31 23:39 ` Roman Zippel
2003-09-01 0:09 ` Larry McVoy
2003-09-01 0:20 ` Larry McVoy
2003-08-31 22:56 ` Larry McVoy
2003-08-31 23:13 ` Andrea Arcangeli
2003-09-01 0:18 ` Jamie Lokier
2003-09-01 0:25 ` Larry McVoy
2003-09-01 0:28 ` Andrea Arcangeli
2003-09-01 0:50 ` Jamie Lokier
2003-09-01 1:10 ` Andrea Arcangeli
2003-09-01 1:33 ` Larry McVoy
2003-09-02 7:11 ` Henning P. Schmiedehausen
2003-09-02 7:01 ` Henning P. Schmiedehausen
2003-08-31 16:23 ` Larry McVoy
2003-08-31 16:36 ` Andrea Arcangeli
2003-08-31 15:38 ` Jörn Engel
2003-09-02 6:55 ` Henning P. Schmiedehausen
2003-08-31 13:47 ` Pascal Schmidt
2003-08-31 14:51 ` Andrea Arcangeli
2003-09-02 6:53 ` Henning P. Schmiedehausen
2003-08-31 6:30 ` Jörn Engel
[not found] <qn1b.2Pr.29@gated-at.bofh.it>
[not found] ` <qoTh.5mt.11@gated-at.bofh.it>
[not found] ` <rdje.1sH.11@gated-at.bofh.it>
2003-09-02 17:49 ` Pascal Schmidt
2003-08-30 1:29 Larry McVoy
2003-08-30 15:03 ` Larry McVoy
2003-08-30 16:10 ` Jörn Engel
2003-08-31 10:13 ` Toon van der Pas
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1062776157.20632.1697.camel@forge.intermeta.de \
--to=hps@intermeta.de \
--cc=fw@deneb.enyo.de \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox