Rate limiting UDP,Multicast,ICMP
niels=nanog at bakker.net
Tue Nov 13 17:37:41 UTC 2001
* jared at puck.Nether.net (Jared Mauch) [Tue 13 Nov 2001, 18:11 CET]:
> As far as multicast goes, I'm not aware of anyone running
> native multicast that would limit the traffic. Those still using
> DVMRP may have multicast rate-limits in place as to not have a massive
> bandwidth sucking sound coming from their general direction.
I'm sure that the operators of the networks that were massively hindered
when some worms started scanning random hosts in 224/4 (that's what you
get if you don't understand IP and just use a random number generator to
get something resembling an IP address) were rate-limiting packets to
multicast addresses pretty quickly. All those new sessions (one UDP
packet to a multicast address) created state in lots of routers
throughout their networks. Dropping TCP to 224/4 of course also helps
in this particular case.
Apart from not wanting to point fingers, the names of some of these
network operators escape me at the moment too, even though I believe
they were posted here at the time.
More information about the NANOG