On Mon, May 09, 2005 at 01:35:06PM -1000, Richard wrote:
Hi,
We recently experienced several DOS attacks which drove our backbone routers CPU to 100%. The routers are not under attack, but the router just couldn't handle the traffic. There is a plan to upgrade these routers. One criteria is the ability to track which IP address is under attack and blackhole the traffic quickly. Anyone can share your experience of what kind of router is capable of doing this?
Also besides having a powerful router which can handle large volume of traffic, is there any other things that we need to consider in selecting the routers?
I recently wrecked my car, totaling it and running down several small children on their way to sunday school in the process. I plan to upgrade my car, and one of the criteria is that it not crash and kill people. Can you share advice on what car is capable of doing this? This example is about as descriptive and useful at solving the problem as your original post. Without any details it is impossible to make any useful recommendation even if we wanted to. What type and scale of DoS are you trying to protect against, what type and scale of traffic are you routing, what kind of interfaces and how many, basic things like that. Without details, the best that you're likely to get (now that Dean is gone :P) is something akin to "go buy a volvo", namely "go buy a Juniper". -- Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)