From owner-freebsd-net@FreeBSD.ORG  Thu Nov 13 14:33:53 2003
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 0FD2016A4CE
	for <freebsd-net@freebsd.org>; Thu, 13 Nov 2003 14:33:53 -0800 (PST)
Received: from freesbee.wheel.dk (freesbee.wheel.dk [193.162.159.97])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 8B73543F3F
	for <freebsd-net@freebsd.org>; Thu, 13 Nov 2003 14:33:50 -0800 (PST)
	(envelope-from jesper@skriver.dk)
Received: by freesbee.wheel.dk (Postfix, from userid 1001)
	id 956BA384E7; Thu, 13 Nov 2003 23:33:49 +0100 (CET)
Date: Thu, 13 Nov 2003 23:33:49 +0100
From: Jesper Skriver <jesper@FreeBSD.org>
To: Anders Lowinger <anders@lowinger.se>
Message-ID: <20031113223349.GB84594@FreeBSD.org>
References: <20031112024507.89398.qmail@web10007.mail.yahoo.com>
	<3FB20D2B.73624906@pipeline.ch> <20031112195529.GA48020@scylla.towardex.com>
	<3FB37F09.4050908@lowinger.se>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <3FB37F09.4050908@lowinger.se>
User-Agent: Mutt/1.4.1i
X-PGP-Fingerprint: 6B88 9CE8 66E9 E631 C9C5  5EB4 22AB F0EC F956 1C31
X-PGP-Public-Key: http://freesbee.wheel.dk/~jesper/gpgkey.pub
cc: freebsd-net@freebsd.org
cc: Haesu <haesu@towardex.com>
Subject: Re: tcp hostcache and ip fastforward for review
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Nov 2003 22:33:53 -0000

On Thu, Nov 13, 2003 at 01:54:33PM +0100, Anders Lowinger wrote:

> >It only takes x num. of kpps with diverse destinations to knock off a
> >router running flow based caching.
>
> Yep, that is true and its hard to work around.
>
> >Extreme switches use flow based caching (called ipfdb) and any DoS
> >attack that uses diverse destinations will kill it pretty quickly..
>
> Cisco's newer stuff does the flow-cache independent of the forwarding,
> i.e. the flow is more of an accounting cache.

With CEF enabled, the flow cache (NetFlow) is only for accounting etc.
purposes, and is not involved in forwarding.

/Jesper

-- 
Jesper Skriver, jesper(at)skriver(dot)dk  -  CCIE #5456

One Unix to rule them all, One Resolver to find them,
One IP to bring them all and in the zone to bind them.