One of many reasons it's good to rate limit traffic destined to the router. (Note: not through, but TO)
On Tue, Nov 14, 2017 at 8:08 PM, George Skorup <[email protected]> wrote: > I've seen several DDoS attacks targeting the Xbox shit talking kids. The > normal garbage UDP floods >100k PPS doesn't seem to affect CCRs all that > much. The last time the CPU jumped from 3% to maybe 10%. But recently I saw > an ICMP flood type attack (yet again targeting the Xbox dipshits). The > CCR1036-12G-4S did not like that at all. The CPU load was around 90% and > winbox was very sluggish. > > On 11/14/2017 8:00 PM, Sterling Jacobson wrote: > > Most standard routers would die on that much pps of that size. > > > > If you look on routerboard.com at the mikrotik stuff, they have charts at > the bottom of most of their gear that show how much traffic they can move > given the packet size and pps and Mbps etc. > > > > Compare that with the CPU and you can get an idea of what it takes to > switch/router or packet inspect stuff with rules. > > > > From: Af [mailto:[email protected]] On Behalf Of Zach Underwood > Sent: Tuesday, November 14, 2017 2:32 PM > To: [email protected] > Subject: [AFMUG] PPS limits > > > > I am trying to put some ddos attacks in perspective in terms of pps. > > > > Here are two examples > > 545.4 Mbps/2.4 Mpps udp packet size less than 150byte > > 2.0 Gbps/8.5 Mpps udp packet size less than 150byte > > > > What size router would fall over with 1+ Mpps of traffic. > > example ubnt ER-8 clams 2Mpps. > > > > > -- > > Zach Underwood (RHCE,RHCSA,RHCT,UACA) > > My website > > advance-networking.com > >
