On Tue, Jan 28, 2003 at 03:34:15PM +0000, cowie@renesys.com wrote:
Some BGP-speaking routers (not all, by any means, but some subpopulation) found themselves pegged at 100% CPU on Saturday. Just one example:
I wonder how much of this was because of packets destined *TO* the router. I don't know about you but I'm not about to go put access-lists on all 600+ interfaces in some of my routers. My push is for Cisco to (and i'm sure others agree, as well as the other vendors who don't have a similar feature today) to port their "ip receive acl" to other important platforms. The GSR is not the only router that needs to be protected on the internet and they seem to be missing that bit of direction. http://www.cisco.com/en/US/products/sw/iosswrel/ps1829/products_feature_guid... Not putting this feature in the next releases of software would be irresponsible on their part after the critical nature of this attack, IMHO. - jared -- Jared Mauch | pgp key available via finger from jared@puck.nether.net clue++; | http://puck.nether.net/~jared/ My statements are only mine.