we recently got the Problem that one Link between one of our 6509 with SUP720 and one 7606 with RSP720 got fully utilized because of an DDoS attack.
The attack was very short und not that heavy, but big enough to fill the 1G Connection between the two devices.
The big problem here was that we lost routing between the two devices.
The 7606 is one of our corerouter running BGP and OSPF. It have one 10G transitlink to an uplink provider and two 10G Interface to adjacent core-router.
We use OSPF as routing protocol between these two devices.
At the moment of the attack/ fully utilization we noticed that the devices lost its OSPF neighbors associated to that link, I assume that the Hello Packets did not get through the link...
The 6509 of course have an second uplink to another corerouter (1G/OSPF) so the following happened:
The first link got full and after some time the OSPF neighbor was lost. The traffic went to the second link (not really surprising) so the first link got its OSPF neighbor back to lost it afterwards because of the full link.
That was some nice flapping.
So my questions:
Maybe i´m completly wrong and there is some "built in priorization"?
(Routed interfaces with /30 transfernetworks, so nothing special)
Is there an (easy) way to protect the links in the core/distribution area against this Problem?
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...