Summary
In this chapter we saw a large network with four core routers and five core links, and discussed:
- How to build a configuration for a large network—how to create BGP connections
- What kind of security threads we should expect
- How to filter DDoS attacks with a good script that detects and filters them
- How to secure business-critical services like VoIP and billing databases
- How to differentiate services by marking packets with different values for those services
- How to solve a problem when one of the core links doesn't keep the mark of the packets
- How to perform traffic shaping for customers who buy one, two, or three services that we created
- Where to place the limit scripts for the customers
Get Designing and Implementing Linux Firewalls and QoS using netfilter, iproute2, NAT, and L7-filter now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.