

Ignite
Premium,VIP
join:2004-03-18
UK

reply to larytet

Re: Ellacoya

quote:
I am talking about 50K subscribers behind a single CMTS.
The box is one per CMTS - this is the only way to reach reasonable performance.
No way and wrong respectively. Not likely to have 50k subscribers on a single CMTS unless it's *very* high density, a Cisco uBR 7246VXR fully loaded with MC16 cards will do you for maybe 6000 customers, to hold 50,000 customers you'd need 40 downstreams and more upstreams, even with QPSK 6.4MHz wide DOCSIS 2 upstreams.

One could quite happily place these devices at a traffic aggregation point, a router behind a number of CMTS, depending on the bandwidth demands and packets per second flowing. This is the most common way of doing traffic shaping where deep packet inspection is required, at transport layer as access/edge isn't an option.

quote:
Policy by IP destination and/or port number you can find in any base level router. And policy can be done with much better performance.
Really? In the Cisco case you're talking about NBAR, which is expensive on CPU. Routers are primarily layer 2 and 3 devices, with ASIC / PIC based switching and routing engines. Profiling based on TCP ports is a little outside the remit of most routers, deep packet inspection an even larger jump, and the only way to properly manage traffic, especially when talking about dynamic port services.

To say that routers are better at traffic shaping than a dedicated traffic management device which will have an ASIC or programmable IC tweaked for the sole purpose of deep packet inspection at wire speed is absurd. I would imagine if Shaw could shape large amounts of customers without spending out on an Ellacoya they would, don't you think?

Just to be double certain, what you are talking about is suggesting users do a DDoS on their own ISP's equipment. You think the CMTS will be able to handle that amount of traffic? On the upside it's impossible for a cable subscriber to generate a thousand packets a second as due to TDMA and DOCSIS timing restrictions a cable sub maxes at 160-170 packets a second upstream anyway.


larytet

join:2004-11-26
Unity, ME

4 edits

quote:
Not likely to have 50k subscribers on a single CMTS unless it's *very* high density, a Cisco uBR 7246VXR fully loaded with MC16 cards will do you for maybe 6000 customers
6000-port CMTSs are not the only boxes available on the market.

quote:
In the Cisco case you're talking about NBAR, which is expensive on CPU. Routers are primarily layer 2 and 3 devices, with ASIC / PIC based switching and routing engines.
Agreed on application awareness for routers. But it can be done in a different way. Regular CAM memory can support lookups for 128-bit keys, like IP destination, IP source, IP port, TOS, etc. There is no problem dropping IRC traffic (if we want to filter ALL packets out, and this is what I meant), because the port number and destination IP are both well known.

quote:
To say that routers are better at traffic shaping than a dedicated traffic management device which will have an ASIC or programmable IC tweaked for the sole purpose of deep packet inspection at wire speed is absurd.
I never said that a router/forwarder is good at traffic shaping, but it IS good at dropping packets according to a simple rule like: if IP port=6776, drop the packet ALWAYS.

quote:
Just to be double certain, what you are talking about is suggesting users do a DDoS on their own ISP's equipment. You think the CMTS will be able to handle that amount of traffic?
You can call it DDoS if you wish, but the nature of the attack is different. There is no significant traffic involved - actually I suggest capping the connections at 1K/s. My suggestion is to create multiple slow TCP connections. Talking about the CMTS, it can handle the theoretical worst-case traffic. I cannot believe that the CSCO CMTS is not wirespeed. I will take a look at the datasheet later.

quote:
On the upside it's impossible for a cable subscriber to generate a thousand packets a second as due to TDMA and DOCSIS timing restrictions a cable sub maxes at 160-170 packets a second upstream anyway.
No need to generate more than 160 packets/s. A regular TCP connection keepalive would be enough. See above.

»larytet.sourceforge.net/howto.shtml
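
The distinction the two posts above argue over, as an added example that is not part of either post: a fixed port rule like the one larytet describes, next to a first-payload signature check of the kind a DPI device performs. The flows, field names and function names are constructed, and the BitTorrent peer handshake prefix is used as the sample signature (an assumption; the thread does not name one).

```python
from dataclasses import dataclass

# Assumption: the BitTorrent peer handshake opens with the byte 19 followed by
# the 19-character protocol string; used here as the sample DPI signature.
BT_HANDSHAKE = b"\x13BitTorrent protocol"
STATIC_DROP_PORTS = {6776}  # the port used in the rule quoted in the thread


@dataclass
class Flow:
    dst_port: int
    first_payload: bytes  # first data segment seen on the flow


def port_rule(flow: Flow) -> str:
    """Router-style match on a header field only (what a CAM lookup can do)."""
    return "drop" if flow.dst_port in STATIC_DROP_PORTS else "forward"


def payload_rule(flow: Flow) -> str:
    """DPI-style match on payload content, independent of the port in use."""
    if len(flow.first_payload) < len(BT_HANDSHAKE):
        return "forward"  # too short to classify; do not guess
    return "shape" if flow.first_payload.startswith(BT_HANDSHAKE) else "forward"


# Constructed sample flows, not captured traffic.
SAMPLE_FLOWS = [
    Flow(6776, b"HELLO fixed-port service"),               # fixed, well-known port
    Flow(51413, BT_HANDSHAKE + bytes(8) + b"x" * 40),      # dynamic high port
    Flow(80, BT_HANDSHAKE + bytes(8) + b"y" * 40),         # same protocol on port 80
    Flow(80, b"GET / HTTP/1.1\r\nHost: example.test\r\n"), # ordinary web request
    Flow(51413, b"\x13BitTor"),                            # truncated first segment
]


def compare(flows):
    """Return (port, port-rule verdict, payload-rule verdict) for each flow."""
    return [(f.dst_port, port_rule(f), payload_rule(f)) for f in flows]


if __name__ == "__main__":
    for row in compare(SAMPLE_FLOWS):
        print(row)
```
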


larytet

join:2004-11-26
Unity, ME

1 edit

reply to Ignite
btw, why not give this a try?
I mean, what are you afraid of?
Find 10 legal torrent files with a reasonable number of peers (Linux distros are good).
Start them all, limit the number of connections to, let's say, 5000 total, limit upstream and downstream to 1KB/s for each torrent, and wait a couple of weeks.


over 12.5 years online © 1999-2012 dslreports.com.