Effects of traffic shaping ICMP (&c.)

Hank Nussbacher hank at MaX.ibm.net.il
Thu Dec 3 06:44:34 UTC 1998

On Wed, 2 Dec 1998, Pete Kruckenberg wrote:

I think what is being asked is not how to rate limit what goes thru the
router, but rather to effect rate limitations on the incoming stream.
TCP can be rate limited upstream by playing with TCP window size and ACKs
as some of the bandwidth manager products do (Packeteer, Xedia, Elron to
name just a few). Unfortunately, there is nothing you can do to UDP or
ICMP flows coming your way other than rate limit them as they go thru your
box.  You will still be hit by Smurfs and their ilk and they will still
eat up your bandwidth.


> On Wed, 2 Dec 1998, Mark R. Lindsey wrote:
> > Could traffic shaping, or similar QoS configurations, be used to solve
> > such issues in a more general way? For example, if my source of packet
> > flooding is ICMP, then I'd like to be able to dedicate as much as 1/10th
> > (e.g.) of the bandwidth of each link to ICMP. That's plenty of ICMP, but
> > it's not so much that an attack using ICMP would be effective.
>
> At the last NANOG, there was a presentation about Cisco's CAR and how
> @Home was using it to limit ICMP and detect unusual ICMP activity. Well,
> that was part of the talk, at least.
>
> http://www.nanog.org/mtg-9811/ppt/witt/index.htm : presentation slides
> http://www.nanog.org/mtg-9811/cartalk.ram : presentation in RealVideo
>
> Pete.
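
Added example, not part of the original thread: a small Python model of the point made above, that policing ICMP at your own router (a CAR-style token bucket set to 1/10 of the link, as proposed in the quoted question) protects what lies behind the router but not the access link in front of it. The link speed, traffic rates, packet size and the proportional-loss model of the congested link are all constructed assumptions.

```python
from dataclasses import dataclass

@dataclass
class TokenBucket:
    """Single-rate policer in the style of CAR: conform = forward, exceed = drop."""
    rate_bps: float          # committed rate, bits per second
    burst_bytes: float       # bucket depth, bytes
    tokens: float = 0.0
    last: float = 0.0

    def __post_init__(self):
        self.tokens = self.burst_bytes   # bucket starts full

    def conforms(self, now: float, size: int) -> bool:
        refill = (now - self.last) * self.rate_bps / 8
        self.tokens = min(self.burst_bytes, self.tokens + refill)
        self.last = now
        if self.tokens >= size:
            self.tokens -= size
            return True
        return False


def simulate(tcp_bps, icmp_bps, link_bps=2_000_000, car_bps=200_000,
             burst=8000, pkt=1000, secs=10):
    """Return rates (bps) seen on each side of the policing router."""
    # Stage 1: the access link, upstream of our router. Assumed model: when
    # oversubscribed, every flow loses the same fraction of its packets.
    share = min(1.0, link_bps / (tcp_bps + icmp_bps))
    tcp_in, icmp_in = tcp_bps * share, icmp_bps * share
    # Stage 2: our router polices only the ICMP that survived the link.
    policer = TokenBucket(car_bps, burst)
    forwarded = 0
    if icmp_in > 0:
        gap = pkt * 8 / icmp_in                  # seconds between ICMP packets
        for i in range(int(secs * icmp_in / (pkt * 8))):
            forwarded += policer.conforms(i * gap, pkt)
    return {"tcp_in_bps": tcp_in, "icmp_in_bps": icmp_in,
            "icmp_forwarded_bps": forwarded * pkt * 8 / secs}


if __name__ == "__main__":
    print("normal:", simulate(tcp_bps=1_000_000, icmp_bps=50_000))
    print("flood: ", simulate(tcp_bps=1_000_000, icmp_bps=8_000_000))
```

Under these assumptions the policer holds forwarded ICMP near the configured 200 kbit/s during the flood, while TCP arriving over the link falls from 1 Mbit/s to about 222 kbit/s because the loss happens before the traffic reaches the policing router.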

