Summary

In this chapter we saw a large network with four core routers and five core links, and discussed:

  • How to build a configuration for a large network—how to create BGP connections
  • What kind of security threads we should expect
  • How to filter DDoS attacks with a good script that detects and filters them
  • How to secure business-critical services like VoIP and billing databases
  • How to differentiate services by marking packets with different values for those services
  • How to solve a problem when one of the core links doesn't keep the mark of the packets
  • How to perform traffic shaping for customers who buy one, two, or three services that we created
  • Where to place the limit scripts for the customers

Get Designing and Implementing Linux Firewalls and QoS using netfilter, iproute2, NAT, and L7-filter now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial