On 7/02/2009, at 5:20 AM, Brad Fleming wrote:
On Feb 4, 2009, at 2:52 AM, Steve Bertrand wrote:
If I understand this correctly, there will be a route entered on each edge router for all sources that are participating in a DDoS attack. Is anyone worried about TCAM usage if one of their customers gets hit with a larger DDoS attack? Add in our IPv6 and V4 multicast tables chewing up more TCAM space and things get even more dicy!
For my part, I'd be worried if the overall IPv4 unicast route table got much larger than ~1million entries because our hardware-based routers might run out of TCAM and bring the whole network to a screeching halt.
Or more than 256k routes on a SUP2, or 192k/239K routes on a SUP720. We are at 285798 as of last CIDR report. So, I guess you should be worried.. now :-) -- Nathan Ward