5 Feb
2014
5 Feb
'14
1:01 p.m.
On (2014-02-05 11:15 -0500), Jared Mauch wrote:
The problem is many of these can compile to larger than the physical amount of space in the router/LC have to handle it. I’ve done presentations to vendors about what percentage (in bytes and per-line) of the configuration is of what component. 90%+ tends to be customer-specific prefix-list/set/filter lines.
Absolutely. But the good thing is, we don't need to have it comprehensively deployed in transit scenarios, just as long as spoofing domains are sufficiently fragmented DoS attack gets get better pay off from not spoofing. -- ++ytti