[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

nexus N3K-C3064PQ vs juniper ex4500 in order to protect against ddos

Subject: nexus N3K-C3064PQ vs juniper ex4500 in order to protect against ddos
From: saku at ytti.fi (Saku Ytti)
Date: Fri, 30 Sep 2016 23:06:13 +0300
In-reply-to: <[email protected]>
References: <[email protected]>

On 30 September 2016 at 22:42, Pedro <piotr.1234 at interia.pl> wrote:

Hey Pedro,

> I have some idea to put switch before bgp router in order to terminate isp
> 10G uplinks on switch, not router. Main reason is that could be some kind of
> 1st level of defence against ddos, second reason, less important, save cost
> of router ports, do many port mirrors.

I don't understand your rationale, unless your router is software box,
but as it has 10G interface, probably not.
Your router should be able to limit packets in HW, likely with better
counter and filtering options than cheap switch.

-- 
  ++ytti

Follow-Ups:
- nexus N3K-C3064PQ vs juniper ex4500 in order to protect against ddos
  - From: mlfreita at mtu.edu (Matt Freitag)

References:
- nexus N3K-C3064PQ vs juniper ex4500 in order to protect against ddos
  - From: piotr.1234 at interia.pl (Pedro)

Prev by Date: nexus N3K-C3064PQ vs juniper ex4500 in order to protect against ddos
Next by Date: nexus N3K-C3064PQ vs juniper ex4500 in order to protect against ddos
Previous by thread: nexus N3K-C3064PQ vs juniper ex4500 in order to protect against ddos
Next by thread: nexus N3K-C3064PQ vs juniper ex4500 in order to protect against ddos
Index(es):
- Date
- Thread