On Wed, Sep 29, 2021 at 11:38:19PM +0200, Baldur Norddahl wrote:
> On Wed, 29 Sept 2021 at 22:07, Jean St-Laurent via NANOG <nanog@nanog.org> wrote:
> > Thanks a lot for sharing.
> > So 100 Gbps at line rate with 80B frames is about ~150 Mpps.
> > 100 Gbps at line rate with 208B frames is about ~60 Mpps.
> > It's a significant penalty.
>
> Full rate small packets would be an attack of some kind and could only realistically arrive at your transit and peering ports. The customers usually have slower (relatively) ports and a single customer could not produce a rate of small packets that would be a concern. Therefore uRPF at customer ports should not be a problem in this regard.

every network is different of course, and admittedly i am a couple generations of hw from having tested this. the problem was indeed exacerbated by also having a ddos scrubbing service, but i still encourage my competitors to run urpf. -b

> Regards,
> Baldur