Posts from ‘Network Attacks’
One of my student friends from Cisco RTP suggested a great weekly addition to our blog – a sample task from a Mock Lab to challenge the blog faithful. Cool idea! Love it! To not spoil your fun when taking our Mock Labs, these tasks have been written special so that there is no carryover.
My first installment is a topic that could easily appear on either the R/S Lab or the Security Lab. Enjoy! You are more than welcome to post your suggested solution in the comments. I will wait a week and then post a solution in there myself – along with some explanation text. If you enjoy this new blog installment, you should check out our products, because they are even better!
Here we go!
8.1 DoS Protection
You are concerned about DoS attacks against a key perimeter router in your company. Configure R1 so that it limits the aggregate rate of ARP traffic toward the route processor to 75 packets per second. Routing control traffic marked with an IP Precedence value of 6 should be limited to 100 packets per second.
NOTE: The solution and walkthrough are posted in the comments below dated February 6, 2009. Once again, this is a fraction of what you receive in our products!
What in the world is a bogon? It is a source address that should not appear in an IP packet on an interface that faces the public Internet. A very famous example of a bogon address would be the Private IP address space, as defined in RFC 1918. This address space is as follows:
What would be another example of a bogon address? How about the “link-local” addresses that a system will use to communicate on the local link in the event of DHCP failure. This address space is 169.254.0.0/16.
So bogons consist of special use addresses and any other portions of the address space that has not been allocated for public use. This list of addresses is not static, and does change over time. These addresses are excellent entries in your filters (access control lists) for interfaces that face the Internet.
What is a convenient place to learn of the bogon addresses you should be most concerned with as a CCIE candidate? Well, it is none other than an RFC. It is RFC 3330. It is an excellent RFC that summarizes many of the other RFCs detailing special use address space. You can find RFC 3330 here: