cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2222
Views
0
Helpful
2
Replies

bandwidth management

rob
Level 1
Level 1

Hi all,

I have a public WAN network burstable to 100Mbps. I offer colocation and thus can't guarantee what my clients will out on their servers. We've been getting a lot of DoS attacks and thus it's putting up our 95th percentile big style!

What would be a good solution and what do you guys do to rate limit the bandwidth on the network, preferably by IP address?

My budget wouldn't stretch to a 7200 series router but could cope with other models lower down.

I've heard packeteers are good, but would rather stick with cisco kit if poss.

cheers

Rob

2 Replies 2

yjdabear
VIP Alumni
VIP Alumni

PF on OpenBSD/FreeBSD

http://www.openbsd.org/faq/pf/

funsok217
Level 1
Level 1

You could use a Mikrotik Router box.www.mikrotik.com. all you'll need is the license -under $45. You can then configure each known ip address on your network under the queue simple menu. Since you are getting a number of DOS attacks. I'll suggest that you create a rule that drops any unknown ip address in your network. And guess what? You can even have the added functionality of adding a MRTG to it!!

But if you have some cash to spare. You can try the NetenForcer's ALLot. It has all the above features and more. www.allot.com

Good luck.