> well ... a better solution is to redirect this traffic at the ingress > point to go thru your washing machine (e.g. Riverhead Guard) and > re-inject the washed traffic into your network.
This works fine, as long as the DoS doesnt excees the ingress bandwidth. Above that you need other solutions, like BGP blackhole community which are, indeed, shared with your upstream(s). Afaik Swisscom has this with some of their upstream(s)... Pascal _______________________________________________ swinog mailing list [EMAIL PROTECTED] http://lists.init7.net/cgi-bin/mailman/listinfo/swinog
