On 3 May 2016, at 4:51, jim deleskie wrote:
I was going to avoid this thread because I've never been a huge fan of Flowspec for my own reasons.
Flowspec is an extremely useful tool, IMHO - not only for direct, layer-4-granular mitigation leveraging linecard ASICs, but for more granular and selective diversion into mitigation centers, as well. And its value is growing with increased platform support. It isn't perfect (nothing is), and operators must be aware of its performance/scalability envelope on a given platform, but it's a great tool to have in the toolbox.
I can say I, nor any of my peers ( in any sense of that word) that I have known, have wanted to keep "bad " traffic on our networks so we can bill for it.
+1! I ran into this situation precisely twice early in the 'oughts ("Let the packets come!" was the quote which stood out in my mind); those espousing it pretty quickly changed their tunes once their networks had been knocked flat a couple of times. ;> ----------------------------------- Roland Dobbins <rdobbins@arbor.net>