GroupStudy.com - CCIE, CCNA, CCNP and other Cisco Certifications

Home

BookStore

StudyNotes

Links

[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]

Subject: RE: how to priority for important packet on FR link ?
From: "Zealous" <rsevier@xxxxxxxxxxxxxx>
Date: Fri, 6 Dec 2002 08:04:04 -1000
In-reply-to: <000701c29d42$5663d220$0100a8c0@homenet.com>

The percedence of 5 will only be accepted by routers that are configured to
recognize that level.  You may want to consider CBAC.

Raymond

-----Original Message-----
From: nobody@xxxxxxxxxxxxxx [mailto:nobody@xxxxxxxxxxxxxx]On Behalf Of
Mark
Sent: Friday, December 06, 2002 2:46 AM
To: security@xxxxxxxxxxxxxx
Subject: Re: how to priority for important packet on FR link ?

Look into the TCP intercept feature. I'm aware of the CAR option but in
amongst the rate limited traffic which gets dropped will be legitimate
users.

Unless your service provider is willing to run QoS on the frame relay
interface facing you, you'll have no control over traffic until it's
reached your router. Setting your precedence to 5 is your best bet to
influence how your traffic's treatment in the internet but as a rule
you're download rate will dwarf your upload. This means the queue which
you have absolute control over (tx) cannot do much to help.

My money would be on TCP intercept, if their attacks don't work in the
end they'll get bored and move on.

Besides this the internet is no place for VoIP unless you're prepared to
accept the intermittent quality.
Mark

----- Original Message -----
From: "li jun" <liuyang1976@xxxxxxxxxxx>
To: <security@xxxxxxxxxxxxxx>
Sent: Friday, December 06, 2002 6:47 AM
Subject: how to priority for important packet on FR link ?

Cisco guys and security exper,

I have a question need your help

my customer have a internet router, use Frame Relay link to outside. they
find there has some TCP flooding packet attack their router FR interface,
then want to use CAR to limit the attack packet. at the same time, they
want to guarantee the VoIP, OSPF routing packet, BGP routing packet won
not
be affect and no delay. how should we do?

I try this
1. CAR the TCP flooding attack to 800K
2. Since VoIP, OSPF, BGP's PRI is 5 by default. so I just set CBWFQ on
the
router to make sure VoIP, OSPF, BGP flow go through without delay.

anything do I need to do?   Do I need to do Frame Relay traffic shapping?
thanks in advance

regs/li jun

_________________________________________________________________
Cb7QOBTX MSN Explorer:  http://explorer.msn.com/lccn

__________________________________________________________________

Gesendet von Yahoo! Mail - http://mail.yahoo.de
Weihnachts-Einkdufe ohne Stress! http://shopping.yahoo.de

References:
- Re: how to priority for important packet on FR link ?
  - From: Mark

Prev by Date: Re: how to priority for important packet on FR link ?
Next by Date: SA Timeouts
Previous by thread: Re: how to priority for important packet on FR link ?
Next by thread: Re: how to priority for important packet on FR link ?
Index(es):
- Date
- Thread