> On 22 Jun 2021, at 14:12, Benjamin Ricardo <[email protected]> wrote: > > I was hoping to get an indication from other providers on how they handle > these “blank” authentications hitting their radius servers and whether this > is a wide spread problem as it became a huge problem for us.
How many pps are these devices generating, in aggregate, for each of the Radius servers they’re pummeling? If it’s a relatively low value, perhaps upgrading the Radius servers is in order? Is there maybe a packet-size classifier hook you could use to filter out the empty requests vs. legitimate ones which include credentials? If you’ve some kind of device which allows packet filtering with sufficient capacity to handle the load, and sufficient granularity to filter out the blank authentication requests whilst allowing useful ones through, that might also be an option. -------------------------------------------- Roland Dobbins <[email protected]> _______________________________________________ AusNOG mailing list [email protected] http://lists.ausnog.net/mailman/listinfo/ausnog
