* Rick Ernst: > We've had an increasing rate of DoS attacks that spew tens-of-thousands of > small UDP packets to a destination on our network. We are getting roughly > 2x our entire normal pps across all providers through one interface, or > about 4x normal through the individual interface. The Cisco > 7206VXR/NPE-G1 CPU melts (>95% load vs 15% average, 20% normal peak) when > this hits. > > I'm using CEF and ip-route-cache flow on the outside interface.
Is the UDP stream a single flow, or does it consist of lots of different flows?
