nanog mailing list archives
Re: Rate-limiting BCOP?
From: Saku Ytti <saku () ytti fi>
Date: Sun, 24 May 2020 22:13:51 +0300
On Sun, 24 May 2020 at 16:58, Tarko Tikan <tarko () lanparty ee> wrote:
DDoS can be a problem in this scenario. Assuming the PEs have plenty of capacity available and you can afford DDoS to reach PE, then you would shape to customer contract speed, drop the DDoS traffic and would not congest your access device uplink.
Provided you are using a strictly egress queueing platform, which OP's ASR9k is not, its ingress NPU will drop packets, causing all customers sharing the physical interface to suffer. -- ++ytti
Current thread:
- Rate-limiting BCOP? Bryan Holloway (May 21)
- Re: Rate-limiting BCOP? Saku Ytti (May 21)
- RE: Rate-limiting BCOP? adamv0025 (May 31)
- Re: Rate-limiting BCOP? Saku Ytti (May 31)
- RE: Rate-limiting BCOP? adamv0025 (May 31)
- Re: Rate-limiting BCOP? Mark Tinka (May 24)
- Re: Rate-limiting BCOP? Tarko Tikan (May 24)
- Re: Rate-limiting BCOP? Saku Ytti (May 24)
- Re: Rate-limiting BCOP? Tarko Tikan (May 24)
- Re: Rate-limiting BCOP? Mark Tinka (May 24)
- Re: Rate-limiting BCOP? Tarko Tikan (May 24)
- Re: Rate-limiting BCOP? Saku Ytti (May 21)