[AusNOG] web App firewalls.
David Hughes
David at Hughes.com.au
Fri May 28 14:42:50 EST 2010
On 28/05/2010, at 2:23 PM, Peter J. Cherny wrote:
> That's why you use the likes of an Alteon 2424 which is designed for multi GB/s !
>
> I can't speak of the F5, but the 2424 copes with anything I've seen thrown at it,
> (think DoS during an Election).
>
> I'd suggest you look at the SLB list http://vegan.net/lb/archive
Hi
I've been running "real" load balancers for about 10 years. That includes Alteons (back in the dark ages), Cisco, Foundry and a stack of F5's. It's not the throughput that's the issue. It's the size of the connection table. As soon as you put anything in the path that has a simple limit like that then you have a choke point. Eventually someone will break it if they really want to.
They have their place and they work well, but if you think you can't be dos'ed because you have one then you haven't thought it through.
David
...
More information about the AusNOG
mailing list