Rate limiting UDP,Multicast,ICMP

Niels Bakker niels=nanog at bakker.net
Tue Nov 13 17:37:41 UTC 2001

* jared at puck.Nether.net (Jared Mauch) [Tue 13 Nov 2001, 18:11 CET]:
> 	As far as multicast goes, I'm not aware of anyone running
> native multicast that would limit the traffic.  Those still using
> DVMRP may have multicast rate-limits in place as to not have a massive
> bandwidth sucking sound coming from their general direction.

I'm sure that the operators of the networks that were massively hindered
when some worms started scanning random hosts in 224/4 (that's what you
get if you don't understand IP and just use a random number generator to
get something resembling an IP address) were rate-limiting packets to
multicast addresses pretty quickly.  All those new sessions (one UDP
packet to a multicast address) created state in lots of routers
throughout their networks.  Dropping TCP to 224/4 of course also helps
in this particular case.

Apart from not wanting to point fingers, the names of some of these
network operators escape me at the moment too, even though I believe
they were posted here at the time.


	-- Niels.

More information about the NANOG mailing list