On Jul 14, 2010, at 5:45 AM, Joe Greco wrote:
That's just a completely ignorant statement to make.
It's based on a great deal of real-world experience; I'm sorry you consider that to be 'ignorant'.
I notice in particular how carefully you qualify that with "[w]hen BCPs are followed"; the fact that hardware router manufacturers have declared everything and anything that derails their bullet trains as "not a BCP" is a perfect example of this deceptive sort of misinformation.
Anti-spoofing, iACLs, CoPP (or its equivalent on non-Cisco platforms), et. al. aren't 'misinformation'. They're useful, proven techniques/features which any operator ought to implement.
There are plenty of FreeBSD based devices out there that are passing tons of traffic; almost any of them are more competent than any Cisco router I'm aware of when hitting them directly with traffic
Then your experience of Cisco routers (and/or those from other vendors) must be limited to the lower-end platforms; I can assure you that faster Cisco boxes such as ASRs, GSRs, CRSes, and so forth are in another league entirely, and can handle mpps of to-us traffic, when properly configured. Software-based routers simply can't do that; it's not an indictment of them, it's just that they aren't suited to purpose, just as station wagons generally aren't to be found in the Indy 500. ;> ----------------------------------------------------------------------- Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com> Injustice is relatively easy to bear; what stings is justice. -- H.L. Mencken