On 23 Apr 2020, at 22:57, Denys Fedoryshchenko wrote:
In general operators don't like flowspec
Its increasing popularity tens to belie this assertion.
Yes, you're right that avoiding overflowing the TCAM is very important.
But as Rich notes, a growing number of operators are in fact using
flowspec within their own networks, when it's appropriate.
Smart network operators tend to do quite a bit of lab testing,
prototyping, PoCs, et. al. against the very specific combinations of
platforms/linecards/ASICs/OSes/trains/revisions before generally
deploying new features and functionality; this helps ameliorate many
concerns.
Also, don't forget about S/RTBH. It's generally confined to within an
operator's own span of administrative control for some of the same
reasons as flowspec (not generally TCAM, per se, but concerns about
giving Customer A the ability to interfere with Customer B's traffic,
and the difficulty of implementing such constraints). It can be an
option worth exploring, in many circumstances.
--------------------------------------------
Roland Dobbins <roland.dobb...@netscout.com>
