Re: tc question about ingress bandwidth splitting

Linux Advanced Routing and Traffic Control


 



On 3/25/20 9:44 PM, Philip Prindeville wrote:
> If they’re both oversubscribed, then how does it get divvied up?

Production gets their 40 & 8
Guest gets their 10 & 2
There's nothing left over to divvy up further.

> I’ve been the target of a DDoS reflection attack and 99% of my traffic was TCP RSTs and ICMP Unreachable… and that’s just what was getting through… not what was being dropped upstream.

Oy vey!

> Sure. And by applying controls inside the firewall, you affect the perceived end-to-end properties as seen by the sender. Which is about the best you can hope for.

Yep.

Though I have wondered about a VPN to a VPS where I could control the bulk of what comes in on my wire. Or at least apply some QoS on the end sending to my link. ;-)

> More worried about Netflix, Hulu, and Disney+ which are all TCP-based. All three (and possibly Amazon Prime, I don’t remember) use HTTP byte-ranges, but reuse the same connection. So one connection, but bursty fetches…

Fair enough.  I do more consuming with them and less technical analysis.

> And if they both want to go over quota… I guess they can compete.

Nope. They both get their SLA. Since there's nothing left over, there's nothing to compete for.

> No, they were clearing it because they thought they were protecting subscribers with not-up-to-date equipment from being confused by seeing markings they didn’t know how to correctly interpret.

>:-|

> Odd, considering that customer equipment often moves faster than ISPs or RBOCs. The whole 5 years I was at Cisco, several RBOCs were still running 12.0S (and insisting on continued support) even as I was writing features for 12.4(T)… And they had only recently migrated off 11.3 Mainline.

I can't say as I'm surprised.

> That’s typically a configuration issue, and not a question of not having current software.

ACK

> Unfortunately most of the surveys on how widely deployed ECN marking is in transit networks are 12-19 years old.

I should inquire of colleagues at $WORK.  Though we tend to focus on QUIC.

> Yeah, I was going to work at Ubiquiti on the OS update until they made a salary offer…

~chuckle~

> I’m using Supermicro pizza boxes (mostly SYS-5018D’s) that require EFI support…

I deployed more than a few Supermicro boxen in my time.

> Sure. Though on Gigabit interfaces, 50mbps is not statistically significant even if I blocked it out…

I was thinking more about the other 950 Mbps that might not be available for Production <-> Guest transfers. (Assuming you're reaching from Prod into Guest through a stateful firewall to copy files or the likes.)

> I remember people having the same complaint about Reno back in the day…

That was a little bit before my time.

> Ever wake up and realize “I’m old”? Well, my wife wakes up every day and says to me, “You’re old.” But not the same thing…

Yes on all accounts.



--
Grant. . . .
unix || die

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

