UDP/123 policers & status
Saku Ytti
saku at ytti.fi
Mon Mar 30 06:18:35 UTC 2020
On Mon, 30 Mar 2020 at 01:58, Ragnar Sundblad <ragge at kth.se> wrote:
> A protocol with varying packet size, as the NTS protected NTP is,
> can easily have the bad property of having responses larger than the
> requests if not taken care. Don’t you see that?
Why? Why not pad requests to guarantee attenuation vector until
authenticity of packets can be verified?
MinimaLT does this. I think all UDP based and initial TCP should do
it, doing it for existing protocols may not be possible, but why not
for new?
I proposed similar method for proxy-trace (bidir tracerouting) -
https://github.com/ytti/proxy-trace/blob/master/draft-ytti-intarea-proxy-trace.xml#L169
--
++ytti
More information about the NANOG
mailing list