On 14/07/10 02:18 +0000, Dobbins, Roland wrote:
On Jul 14, 2010, at 3:26 AM, Tony Li wrote:
The whole point about being DoS resistant is one of horsepower. To do
DoS protection correctly, you need to be able to do packet examination
at line rate.
Right. And to date, such routers make use of ASICs - i.e.,
'hardware-based' routers, in the vernacular.
Routers which use only centralized, general-purpose processors can't
handle even a fraction of 'line-rate' without tanking, as innumerable
real-world examples of said behavior over the years have repeatedly and
conclusively demonstrated.
I'm not really all that opinionated on the subject, other than to say that
the definition of a router, and what qualifies as a sufficient router for
any given administrator's needs, greatly varies.
However, to state something like
as innumerable real-world examples of said behavior over the years have
repeatedly and conclusively demonstrated.
has the appearance of you struggling to hold on to an idea that may have
been more true in the past, and less true today, as is evident based on the
input from other list participants.
--
Dan White
