There are networks out there that cope with these issues. Develop means to monitor and detect DDoS and police users in near real time at the access port. Think about what happens when someone tries to launch a DDoS from a cloud provider.

The related aspect to this is we can, if we choose provide very high amounts of bandwidth with very low over sub ratios. Network equipment is now a commodity. Provided you have the fiber you can light vast amounts of bandwidth for surprisingly low cost, not just in the access but also the long haul.

Sent from my mobile

On Nov 3, 2014, at 6:23 PM, McDonald Richards <mcdonald.richards@gmail.com> wrote:

Sure - we had the conversation then, when 1.5Mbit of saturation didn't also exhaust firewall state tables, CPU and memory resources of everything in the service path.

What we do have now, that we didn't have then, are bot-nets for hire and parties who intentionally exploit, infect, test and document these hosts for hire as weapons while the end users in a lot of cases have no idea that it's happening outside of a slower Internet connection.



On Mon, Nov 3, 2014 at 5:53 PM, Jeremy Visser <jeremy@visser.name> wrote:
On 03/11/14 22:26, McDonald Richards wrote:
> The days of the "any to any, open Internet" are slowly coming to an
> end. One small flaw in one mass produced and mass distributed piece
> of software (including software that runs on CPE) can easily snowball
> into hundreds of gigabits of traffic at the "core" of the Internet (I
> hate that term but I'm too tired to come up with anything else right
> now).

We had this same conversation when people started moving from dial-up to DSL.

"OMG a single user on 1.5 Mbit/s can saturate our entire server farm bandwidth"

The world didn't end.  The same rules apply today that applied back then.
_______________________________________________
NZNOG mailing list
NZNOG@list.waikato.ac.nz
http://list.waikato.ac.nz/mailman/listinfo/nznog

_______________________________________________
NZNOG mailing list
NZNOG@list.waikato.ac.nz
http://list.waikato.ac.nz/mailman/listinfo/nznog