chris@UU.NET disait :
have been on the receiving end of, the first was generating a little over 300mbit/sec (steady for a prolonged time), and the second went over that by a fair bit. In both cases, we had core equipment (M20's and BSN5000's) fall over and die trying to "work" the events. Additionally, our upstream peers
Your M20 tipped over?? What were you doing? We regularly stop large (+100Mb->800Mb) attacks with less horsepower than this. Truthfully, a cisco is even capable of filtering (done right) at +200kpps...
On Cisco boxes, it depends too much on Interface type, LC Engine, IOS, ... etc ... Beside, some features cannot run concurently (i remumber an ACL on GSR that make my netflow export stop .... it tooks days to figure this out !!!) ACL Implement on GSR is too a nightmare. We are operating more than 70 GSRs with very different interface, LC engine and IOS ... _some_ IOS with _some_ LC might truthfully filter (turbo, extended, vanilla, in, out ACLs ?!) .... but there is too many variable in the equation to get ops people use it for massive anti-DOS purpose ! Vincent.