1) Let say if one company subscribe to 128Kbps access (64Kpbs CAR) at branches and 2Mbps (with 1Mbps CAR) at HQ, what is the best way to show/produce a report if they ask service provider to show that they are really getting 64Kbps all the way from branch to HQ.
Is anyone here know about this. What is the best tools/software/router config required to fulfill this requirement.
2) MPLS use IP. If SP been attack by DDOS, this will of course will effect mpls vpn traffic. How you guys handle this type of question or solution that you are using.
I have read that the security provided by MPLS VPN is equivalent to that provided by Frame-relay or ATM networks. I think DoS attacks in MPLS based VPN is difficult because the spoofed packets for attack should enter the same interface to which the VRF of a customer is bound, for it to be forwarded to other sites of the customer. Since the customers are provided isolation based on separate VRFs, in the likelihood of a DoS attack, the attack is isolated only to a particular customer and other customers will not get affected.
answer to 1. SP's like the one I work for use concord for those kind of stats that you are looking for.
answer to 2. The Dos attack is not just related to SP's. A customer for instance could have an internet connection hanging off the one of their own routers. This then gets attacked and distributes the routes into the SP's PE router. Hence the WHOLE router is in deep crap as the routing table will increase dramatically. To avoid this happening you should be asked how many routes you have in your "normal" routing table. The SP will then allow you to advertise "normal"*10%. If you go above that limit then the link will be shut down. This has two effects - 1. It protects YOU against a DOS attack in the SP domain and 2. It protects the SP from a Dos attack in the customers domain.
1) we are having mpls based on LDP in our network and no TE or L2VPN inside. We do have Concord v5.0 and vpnsc2.0. Is there a feature available in Concord itself for us to produce the report. Do u have mode idea on how your network management team do it.
2) how SP monitor the increase in the routes and configure in IOS to shut the link if reach max value on routes. i never heard about this.
1. Introduction Internet security is important with the increasing
attacks that are happening every day. Many internet and browsing
security solutions exist, but some are not very easy to use or maybe the
question is how can I enable them? In this referen...
Cisco Software Manager Server API Guide This document describes the
programmatic interfaces, RESTful APIs, which are supported by Cisco
Software Manager Server (CSM Server). Overview CSM Server supports a set
of finite RESTful APIs. The first step to use ...
If you are using Cisco's new linux-based Cisco Software Manager server,
then you probably want to make sure there is a startup service for
it.I'll assume that you've already installed the CSM server on a
systemd-based linux system. The commands given belo...