On 9 Nov 2014, at 8:59, Frank Bulk wrote:
I've written it before: if there was a software feature in routers
where I
could specify the maximum rate any prefix size (up to /32) could
receive,
that would be very helpful.
QoS generally isn't a suitable mechanism for DDoS mitigation, as the
programmatically-generated attack traffic ends up 'crowding out'
legitimate traffic.
S/RTBH, flowspec, and other methods tend to produce better results.
-----------------------------------
Roland Dobbins <rdobb...@arbor.net>