On Sun, Feb 10, 2013 at 10:34:43AM -0200, Henrique de Moraes Holschuh wrote:
2. To fix the issue, you must implement QoS site-wide: you must priorize the control-plane traffic (i.e. OSPF, BGP, etc) from known-good sources, and depriorize (maybe even drop) control-plane traffic from any unknown sources on all border routers (including access routers), as well as any traffic that should not be in the control-plane traffic class.
Hello Note that this is just first half of the problem, second half is that you must have enough CPU power to process control plane traffic. On Linux, packet forwarding of regular traffic could eat all of your CPU (because it is not handled by CPU/process scheduler) so control plane processing (BIRD) does not get enough time slices (even if scheduled with maximum priority). I witnessed this issue on some older (2.4.x) Linux version on some embedded MIPS machines, i am not sure how this is handled in recent versions on more common hardware. -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."