SlideShare une entreprise Scribd logo

Unknown Unicast Storm Control in Internet Exchange

Jimmy Lim
Jimmy Lim

This presentation is the continuation of the presentation that I shared in March 2013 about Broadcast and Multicast Storm control in IX. Hopefully this presentation finalises the BUM storm control in Internet Exchange. Feel free to discuss and share!! Thanks, Jimmy

Technologie
1  sur  11
May 2013 Jimmy Halim jhalim10@gmail.com
ž This is the continuation of the Broadcast and Multicast Storm Control in Internet Exchange topic that I shared in March 2013 ž This presentation hopefully finalizes the BUM (Broadcast, Unkown Unicast, and Multicast) storm protection in Internet Exchange ž This is for discussion and sharing purposes
ž Unicast packets with unknown destination MAC addresses ž The packets will travel to all members in the same VLAN ž Creates security concern in Internet Exchange platform since all members are sharing the same VLAN
ž Causes 99% high CPU in the Line Card where the attack comes from ž VPLS CPU protection in Brocade is not protecting ž The unknown unicast limit threshold in Brocade is not protecting ž The 99% CPU causes packet losses to/ from the participants that reside in same Line Card with the attacker
ž Drops the unknown unicast packets in hardware ž Tested successfully can reduce the 99% CPU down to 1%!! ž Record down any packets that are denied by incoming L2 access list to syslog ž This will fasten the troubleshooting during BUM attack
ž Helps to identify the source of BUM attack ž Shows the source attack port and the related source and destination MAC address ž The logging can be very noisy •  Cisco devices send the periodic L2 related packets to the specified destination MAC address •  These packets are categorized as unknown unicast since the destination MAC address is not owned by any participants in the same VPLS VLAN
ž We still able to drop unknown unicast packets in hardware without enabling logging to syslog ž We just need to remove the deny any any statement at the end of the access-list ž We need to use other monitoring tools like MRTG, INMON, or others to identify the source of BUM attacks
For sharing/question/discussion: jhalim10@gmail.com

Recommandé

Injectionofattacksinmanets
InjectionofattacksinmanetsInjectionofattacksinmanets
InjectionofattacksinmanetsVenkatesh Devam ☁
 
Net Security Basic
Net Security BasicNet Security Basic
Net Security Basicphanleson
 
Dotnet detection and localization of multiple spoofing attackers in wireless...
Dotnet detection and localization of multiple spoofing attackers in wireless...Dotnet detection and localization of multiple spoofing attackers in wireless...
Dotnet detection and localization of multiple spoofing attackers in wireless...Ecway Technologies
 
The Sorting Machine Web Quest Rubric
The Sorting Machine Web Quest RubricThe Sorting Machine Web Quest Rubric
The Sorting Machine Web Quest Rubricu1032565
 
Promoting your business flyer
Promoting your business flyerPromoting your business flyer
Promoting your business flyerdgamache
 
La perdurabilidad en las empresas familiares maria perez
La perdurabilidad en las empresas familiares maria perezLa perdurabilidad en las empresas familiares maria perez
La perdurabilidad en las empresas familiares maria perezmariaperezgamboa
 
Presentation islam
Presentation islamPresentation islam
Presentation islamZinat Tamami
 
Dba i 9i
Dba i 9iDba i 9i
Dba i 9iDanyer Valencia Llamoca
 

Recommandé

Injectionofattacksinmanets
InjectionofattacksinmanetsInjectionofattacksinmanets
InjectionofattacksinmanetsVenkatesh Devam ☁
 
Net Security Basic
Net Security BasicNet Security Basic
Net Security Basicphanleson
 
Dotnet detection and localization of multiple spoofing attackers in wireless...
Dotnet detection and localization of multiple spoofing attackers in wireless...Dotnet detection and localization of multiple spoofing attackers in wireless...
Dotnet detection and localization of multiple spoofing attackers in wireless...Ecway Technologies
 
The Sorting Machine Web Quest Rubric
The Sorting Machine Web Quest RubricThe Sorting Machine Web Quest Rubric
The Sorting Machine Web Quest Rubricu1032565
 
Promoting your business flyer
Promoting your business flyerPromoting your business flyer
Promoting your business flyerdgamache
 
La perdurabilidad en las empresas familiares maria perez
La perdurabilidad en las empresas familiares maria perezLa perdurabilidad en las empresas familiares maria perez
La perdurabilidad en las empresas familiares maria perezmariaperezgamboa
 
Presentation islam
Presentation islamPresentation islam
Presentation islamZinat Tamami
 
Dba i 9i
Dba i 9iDba i 9i
Dba i 9iDanyer Valencia Llamoca
 
Google chrome chromebooks
Google chrome chromebooksGoogle chrome chromebooks
Google chrome chromebooksBrandon Raymo
 
From GNETS to Home School
From GNETS to Home SchoolFrom GNETS to Home School
From GNETS to Home Schooleeniarrol
 
Sistemas visuais do cotidiano - Etec
Sistemas visuais do cotidiano - EtecSistemas visuais do cotidiano - Etec
Sistemas visuais do cotidiano - EtecBenedict-BrandCrafters
 
Ambient project in eksis komunika
Ambient project in eksis komunikaAmbient project in eksis komunika
Ambient project in eksis komunikaMuhammad Hibatullah
 
Print ad porto
Print ad portoPrint ad porto
Print ad portoMuhammad Hibatullah
 
Testing Your Sproutcore Presentation
Testing Your Sproutcore PresentationTesting Your Sproutcore Presentation
Testing Your Sproutcore Presentationgmoeck
 
PKL_Report body
PKL_Report bodyPKL_Report body
PKL_Report bodyTitis Rohmah M
 
Ppt media dealdy
Ppt media dealdyPpt media dealdy
Ppt media dealdyDealdy Fadilah
 
Mekanisme Evolusi 1 A ( Ch 22)
Mekanisme Evolusi 1 A ( Ch 22)Mekanisme Evolusi 1 A ( Ch 22)
Mekanisme Evolusi 1 A ( Ch 22)Biodas Unsoed
 
Agile Tour Toulouse 2015 - Ekito
Agile Tour Toulouse 2015 - EkitoAgile Tour Toulouse 2015 - Ekito
Agile Tour Toulouse 2015 - EkitoAgile Toulouse
 
jQuery For Developers Stack Overflow Dev Days Toronto
jQuery For Developers Stack Overflow Dev Days TorontojQuery For Developers Stack Overflow Dev Days Toronto
jQuery For Developers Stack Overflow Dev Days TorontoRalph Whitbeck
 
Presentation kaka
Presentation kakaPresentation kaka
Presentation kakaZinat Tamami
 
Las Empresas Perdurables
Las Empresas Perdurables Las Empresas Perdurables
Las Empresas Perdurables JosephYoko
 
Tugas 1
Tugas 1Tugas 1
Tugas 1Gressi Dwiretno
 
Wc no
Wc noWc no
Wc noIvelina Dimova
 
Presentation biologi
Presentation biologiPresentation biologi
Presentation biologiZinat Tamami
 
merekrut dan mengelola sdm
merekrut dan mengelola sdmmerekrut dan mengelola sdm
merekrut dan mengelola sdmari wibawa
 
Pertemuan ke 2 (perangkat keras)
Pertemuan ke 2 (perangkat keras)Pertemuan ke 2 (perangkat keras)
Pertemuan ke 2 (perangkat keras)Ahmad Muno
 
Replik tergugat-i-done
Replik tergugat-i-doneReplik tergugat-i-done
Replik tergugat-i-doneNicholas Dammen Jr
 
Дума и администрация о дорогах
Дума и администрация о дорогахДума и администрация о дорогах
Дума и администрация о дорогахОльга Бердецкая
 
Vlan
VlanVlan
VlanPAF-KIET
 
Firewall ppt
Firewall pptFirewall ppt
Firewall pptsaloni mittal
 

Contenu connexe

En vedette

Google chrome chromebooks
Google chrome chromebooksGoogle chrome chromebooks
Google chrome chromebooksBrandon Raymo
 
From GNETS to Home School
From GNETS to Home SchoolFrom GNETS to Home School
From GNETS to Home Schooleeniarrol
 
Ambient project in eksis komunika
Ambient project in eksis komunikaAmbient project in eksis komunika
Ambient project in eksis komunikaMuhammad Hibatullah
 
Testing Your Sproutcore Presentation
Testing Your Sproutcore PresentationTesting Your Sproutcore Presentation
Testing Your Sproutcore Presentationgmoeck
 
Mekanisme Evolusi 1 A ( Ch 22)
Mekanisme Evolusi 1 A ( Ch 22)Mekanisme Evolusi 1 A ( Ch 22)
Mekanisme Evolusi 1 A ( Ch 22)Biodas Unsoed
 
Agile Tour Toulouse 2015 - Ekito
Agile Tour Toulouse 2015 - EkitoAgile Tour Toulouse 2015 - Ekito
Agile Tour Toulouse 2015 - EkitoAgile Toulouse
 
jQuery For Developers Stack Overflow Dev Days Toronto
jQuery For Developers Stack Overflow Dev Days TorontojQuery For Developers Stack Overflow Dev Days Toronto
jQuery For Developers Stack Overflow Dev Days TorontoRalph Whitbeck
 
Las Empresas Perdurables
Las Empresas Perdurables Las Empresas Perdurables
Las Empresas Perdurables JosephYoko
 
Presentation biologi
Presentation biologiPresentation biologi
Presentation biologiZinat Tamami
 
merekrut dan mengelola sdm
merekrut dan mengelola sdmmerekrut dan mengelola sdm
merekrut dan mengelola sdmari wibawa
 
Pertemuan ke 2 (perangkat keras)
Pertemuan ke 2 (perangkat keras)Pertemuan ke 2 (perangkat keras)
Pertemuan ke 2 (perangkat keras)Ahmad Muno
 
Дума и администрация о дорогах
Дума и администрация о дорогахДума и администрация о дорогах
Дума и администрация о дорогахОльга Бердецкая
 

En vedette (20)

Google chrome chromebooks
Google chrome chromebooksGoogle chrome chromebooks
Google chrome chromebooks
 
From GNETS to Home School
From GNETS to Home SchoolFrom GNETS to Home School
From GNETS to Home School
 
Sistemas visuais do cotidiano - Etec
Sistemas visuais do cotidiano - EtecSistemas visuais do cotidiano - Etec
Sistemas visuais do cotidiano - Etec
 
Ambient project in eksis komunika
Ambient project in eksis komunikaAmbient project in eksis komunika
Ambient project in eksis komunika
 
Print ad porto
Print ad portoPrint ad porto
Print ad porto
 
Testing Your Sproutcore Presentation
Testing Your Sproutcore PresentationTesting Your Sproutcore Presentation
Testing Your Sproutcore Presentation
 
PKL_Report body
PKL_Report bodyPKL_Report body
PKL_Report body
 
Ppt media dealdy
Ppt media dealdyPpt media dealdy
Ppt media dealdy
 
Mekanisme Evolusi 1 A ( Ch 22)
Mekanisme Evolusi 1 A ( Ch 22)Mekanisme Evolusi 1 A ( Ch 22)
Mekanisme Evolusi 1 A ( Ch 22)
 
Agile Tour Toulouse 2015 - Ekito
Agile Tour Toulouse 2015 - EkitoAgile Tour Toulouse 2015 - Ekito
Agile Tour Toulouse 2015 - Ekito
 
jQuery For Developers Stack Overflow Dev Days Toronto
jQuery For Developers Stack Overflow Dev Days TorontojQuery For Developers Stack Overflow Dev Days Toronto
jQuery For Developers Stack Overflow Dev Days Toronto
 
Presentation kaka
Presentation kakaPresentation kaka
Presentation kaka
 
Las Empresas Perdurables
Las Empresas Perdurables Las Empresas Perdurables
Las Empresas Perdurables
 
Tugas 1
Tugas 1Tugas 1
Tugas 1
 
Wc no
Wc noWc no
Wc no
 
Presentation biologi
Presentation biologiPresentation biologi
Presentation biologi
 
merekrut dan mengelola sdm
merekrut dan mengelola sdmmerekrut dan mengelola sdm
merekrut dan mengelola sdm
 
Pertemuan ke 2 (perangkat keras)
Pertemuan ke 2 (perangkat keras)Pertemuan ke 2 (perangkat keras)
Pertemuan ke 2 (perangkat keras)
 
Replik tergugat-i-done
Replik tergugat-i-doneReplik tergugat-i-done
Replik tergugat-i-done
 
Дума и администрация о дорогах
Дума и администрация о дорогахДума и администрация о дорогах
Дума и администрация о дорогах
 

Similaire à Unknown Unicast Storm Control in Internet Exchange

Cyber security tutorial2
Cyber security tutorial2Cyber security tutorial2
Cyber security tutorial2sweta dargad
 
Fcsi601 Linux Firewall Nat
Fcsi601 Linux Firewall NatFcsi601 Linux Firewall Nat
Fcsi601 Linux Firewall Natnarayannpp
 
Windows Mobile Enterprise Security Best Practices
Windows Mobile Enterprise Security Best PracticesWindows Mobile Enterprise Security Best Practices
Windows Mobile Enterprise Security Best PracticesJohn Rhoton
 
Network Security - Layer 2
Network Security - Layer 2Network Security - Layer 2
Network Security - Layer 2samis
 
Analysis of network_security_threats_and_vulnerabilities_by_development__impl...
Analysis of network_security_threats_and_vulnerabilities_by_development__impl...Analysis of network_security_threats_and_vulnerabilities_by_development__impl...
Analysis of network_security_threats_and_vulnerabilities_by_development__impl...Tương Hoàng
 
IRJET - Implementation of Firewall in a Cooperate Environment
IRJET - Implementation of Firewall in a Cooperate EnvironmentIRJET - Implementation of Firewall in a Cooperate Environment
IRJET - Implementation of Firewall in a Cooperate EnvironmentIRJET Journal
 
Networkin new
Networkin newNetworkin new
Networkin newrajujast
 
Vmware vsan-layer2-and-layer3-network-topologies
Vmware vsan-layer2-and-layer3-network-topologiesVmware vsan-layer2-and-layer3-network-topologies
Vmware vsan-layer2-and-layer3-network-topologiesCloudSyntrix
 
Vmware vsan-layer2-and-layer3-network-topologies
Vmware vsan-layer2-and-layer3-network-topologiesVmware vsan-layer2-and-layer3-network-topologies
Vmware vsan-layer2-and-layer3-network-topologiesUdressme1
 
Sen 214 simple secure multicast transmission
Sen 214 simple secure multicast transmissionSen 214 simple secure multicast transmission
Sen 214 simple secure multicast transmissionSenetas
 

Similaire à Unknown Unicast Storm Control in Internet Exchange (20)

Vlan
VlanVlan
Vlan
 
Firewall ppt
Firewall pptFirewall ppt
Firewall ppt
 
Cyber security tutorial2
Cyber security tutorial2Cyber security tutorial2
Cyber security tutorial2
 
Fcsi601 Linux Firewall Nat
Fcsi601 Linux Firewall NatFcsi601 Linux Firewall Nat
Fcsi601 Linux Firewall Nat
 
Firewall
FirewallFirewall
Firewall
 
Windows Mobile Enterprise Security Best Practices
Windows Mobile Enterprise Security Best PracticesWindows Mobile Enterprise Security Best Practices
Windows Mobile Enterprise Security Best Practices
 
Network Security - Layer 2
Network Security - Layer 2Network Security - Layer 2
Network Security - Layer 2
 
Comprehensive Guide On Network Security
Comprehensive Guide On Network SecurityComprehensive Guide On Network Security
Comprehensive Guide On Network Security
 
Analysis of network_security_threats_and_vulnerabilities_by_development__impl...
Analysis of network_security_threats_and_vulnerabilities_by_development__impl...Analysis of network_security_threats_and_vulnerabilities_by_development__impl...
Analysis of network_security_threats_and_vulnerabilities_by_development__impl...
 
Firewall
FirewallFirewall
Firewall
 
IRJET - Implementation of Firewall in a Cooperate Environment
IRJET - Implementation of Firewall in a Cooperate EnvironmentIRJET - Implementation of Firewall in a Cooperate Environment
IRJET - Implementation of Firewall in a Cooperate Environment
 
Networkin new
Networkin newNetworkin new
Networkin new
 
Firewalls
FirewallsFirewalls
Firewalls
 
Vmware vsan-layer2-and-layer3-network-topologies
Vmware vsan-layer2-and-layer3-network-topologiesVmware vsan-layer2-and-layer3-network-topologies
Vmware vsan-layer2-and-layer3-network-topologies
 
Vmware vsan-layer2-and-layer3-network-topologies
Vmware vsan-layer2-and-layer3-network-topologiesVmware vsan-layer2-and-layer3-network-topologies
Vmware vsan-layer2-and-layer3-network-topologies
 
Firewall
FirewallFirewall
Firewall
 
Sen 214 simple secure multicast transmission
Sen 214 simple secure multicast transmissionSen 214 simple secure multicast transmission
Sen 214 simple secure multicast transmission
 
Firewall
FirewallFirewall
Firewall
 
Firewall
FirewallFirewall
Firewall
 
Firewalls
FirewallsFirewalls
Firewalls
 

Plus de Jimmy Lim

Managing Global Distributed Network
Managing Global Distributed NetworkManaging Global Distributed Network
Managing Global Distributed NetworkJimmy Lim
 
BGP filtering best practice
BGP filtering best practiceBGP filtering best practice
BGP filtering best practiceJimmy Lim
 
The bond between automation and network engineering
The bond between automation and network engineeringThe bond between automation and network engineering
The bond between automation and network engineeringJimmy Lim
 
IDNOG3-Jimmy-CloudFlare
IDNOG3-Jimmy-CloudFlareIDNOG3-Jimmy-CloudFlare
IDNOG3-Jimmy-CloudFlareJimmy Lim
 
MY Orange Cloud - MyIX Peering Forum 2016
MY Orange Cloud - MyIX Peering Forum 2016MY Orange Cloud - MyIX Peering Forum 2016
MY Orange Cloud - MyIX Peering Forum 2016Jimmy Lim
 
Moving Away From OpenBGPd to BIRD?
Moving Away From OpenBGPd to BIRD?Moving Away From OpenBGPd to BIRD?
Moving Away From OpenBGPd to BIRD?Jimmy Lim
 

Plus de Jimmy Lim (6)

Managing Global Distributed Network
Managing Global Distributed NetworkManaging Global Distributed Network
Managing Global Distributed Network
 
BGP filtering best practice
BGP filtering best practiceBGP filtering best practice
BGP filtering best practice
 
The bond between automation and network engineering
The bond between automation and network engineeringThe bond between automation and network engineering
The bond between automation and network engineering
 
IDNOG3-Jimmy-CloudFlare
IDNOG3-Jimmy-CloudFlareIDNOG3-Jimmy-CloudFlare
IDNOG3-Jimmy-CloudFlare
 
MY Orange Cloud - MyIX Peering Forum 2016
MY Orange Cloud - MyIX Peering Forum 2016MY Orange Cloud - MyIX Peering Forum 2016
MY Orange Cloud - MyIX Peering Forum 2016
 
Moving Away From OpenBGPd to BIRD?
Moving Away From OpenBGPd to BIRD?Moving Away From OpenBGPd to BIRD?
Moving Away From OpenBGPd to BIRD?
 

Dernier

Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesZilliz
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 

Dernier (20)

Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 

Unknown Unicast Storm Control in Internet Exchange

  • 2. ž This is the continuation of the Broadcast and Multicast Storm Control in Internet Exchange topic that I shared in March 2013 ž This presentation hopefully finalizes the BUM (Broadcast, Unkown Unicast, and Multicast) storm protection in Internet Exchange ž This is for discussion and sharing purposes
  • 3. ž Unicast packets with unknown destination MAC addresses ž The packets will travel to all members in the same VLAN ž Creates security concern in Internet Exchange platform since all members are sharing the same VLAN
  • 4. ž Causes 99% high CPU in the Line Card where the attack comes from ž VPLS CPU protection in Brocade is not protecting ž The unknown unicast limit threshold in Brocade is not protecting ž The 99% CPU causes packet losses to/ from the participants that reside in same Line Card with the attacker
  • 5. ž Drops the unknown unicast packets in hardware ž Tested successfully can reduce the 99% CPU down to 1%!! ž Record down any packets that are denied by incoming L2 access list to syslog ž This will fasten the troubleshooting during BUM attack
  • 6.
  • 7. ž Helps to identify the source of BUM attack ž Shows the source attack port and the related source and destination MAC address ž The logging can be very noisy •  Cisco devices send the periodic L2 related packets to the specified destination MAC address •  These packets are categorized as unknown unicast since the destination MAC address is not owned by any participants in the same VPLS VLAN
  • 8.
  • 9.
  • 10. ž We still able to drop unknown unicast packets in hardware without enabling logging to syslog ž We just need to remove the deny any any statement at the end of the access-list ž We need to use other monitoring tools like MRTG, INMON, or others to identify the source of BUM attacks