[e2e] It's all my fault
Lachlan Andrew
lachlan.andrew at gmail.com
Thu May 17 20:00:16 PDT 2007
Greetings Rick,
On 17/05/07, rick jones <perfgeek at mac.com> wrote:
> > Perhaps a compromise would be to reduce the number of intermediate
> > hops that can be specified from 40 to say 2. That reduces the
> > "traffic multiplier" available for DoS, but allows users to select
> > between a handful of paths. Two or three paths is enough diversity to
> > get a "pretty good" route if the default BGP route is temporarily
> > congested.
>
> I'll ask a naive question from the peanut gallery - I take it that
> checking the source routes for duplicate IPs is insufficient to deal
> with the proposed problem?
That's right. Consider two networks connected by a single link. As
long as alternate IP addresses are on either side of that link, there
is a DoS on the routers on that link. They don't have to be identical
IPs, or even have identical prefixes.
Cheers,
Lachlan
--
Lachlan Andrew Dept of Computer Science, Caltech
1200 E California Blvd, Mail Code 256-80, Pasadena CA 91125, USA
Phone: +1 (626) 395-8820 Fax: +1 (626) 568-3603
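
Added illustration, not part of the original message and not code from its author: a small model of the two-network, single-link case described above, showing a source route that passes a duplicate-address check while every segment still crosses the link, and how a cap on intermediate hops bounds that count. The prefixes, addresses and function names are assumptions constructed for this example.

```python
import ipaddress

# Constructed topology: two networks joined by one link. Prefixes are
# documentation-range values chosen for this example, not from the thread.
SIDES = {
    "A": ["2001:db8:a1::/48", "2001:db8:a2::/48"],
    "B": ["2001:db8:b1::/48", "2001:db8:b2::/48"],
}
NETS = [(ipaddress.ip_network(p), s) for s, ps in SIDES.items() for p in ps]

def side_of(addr):
    """Return which side of the link an address lives on."""
    ip = ipaddress.ip_address(addr)
    for net, side in NETS:
        if ip in net:
            return side
    raise ValueError(f"{addr} is outside the modelled topology")

def has_duplicate_hops(path):
    """The check asked about in the thread: is any address listed twice?"""
    return len({ipaddress.ip_address(h) for h in path}) != len(path)

def link_crossings(path):
    """Count how many times the packet traverses the single inter-network link."""
    sides = [side_of(h) for h in path]
    return sum(a != b for a, b in zip(sides, sides[1:]))

def max_crossings(max_intermediate):
    """Upper bound: source + N intermediates + destination gives N+1 segments."""
    return max_intermediate + 1

def within_hop_limit(path, max_intermediate):
    """Policy from the quoted proposal: cap intermediate hops (path minus both ends)."""
    return len(path) - 2 <= max_intermediate

# Constructed path: source, four intermediates, destination. All addresses are
# distinct and span four different prefixes, yet every segment crosses the link.
SAMPLE_PATH = [
    "2001:db8:a1::1", "2001:db8:b1::1", "2001:db8:a2::1",
    "2001:db8:b2::1", "2001:db8:a1::2", "2001:db8:b1::2",
]

if __name__ == "__main__":
    print("duplicates:", has_duplicate_hops(SAMPLE_PATH))
    print("link crossings:", link_crossings(SAMPLE_PATH))
    print("passes cap of 2:", within_hop_limit(SAMPLE_PATH, 2))
    print("bound at 40 vs 2:", max_crossings(40), max_crossings(2))
```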