Fwd: Re: Digital Island sponsors DoS attempt
Paul Vixie
vixie at vix.com
Fri Oct 26 04:45:50 UTC 2001
> > I am sure, Digital Island gets the necessary permissions from network
> > owners before hammering them with those requests, right?
> The same "permissions" that allow seamless end-to-end connectivity across
> the entire Internet. The same "permissions" you granted to others when
> you signed the connectivity agreement.
"everything not expressly forbidden is allowed" is a workable model for
peering relationships and even transit relationships, but it only works
within the context of a direct relationship of some kind.
in the case where the sender and receiver are communicating between one
or many third parties, there is no direct relationship and thus no apriori
terms of service to which the traffic must conform. for this, we reverse the
model: "everything not welcomed is forbidden" and thus create a prior
restraint problem which goes by the name "what, then, is implicitly
welcome or unwelcome?"
generally any traffic which unequally benefits the sender isn't welcome.
ping traffic, even ping traffic which helps one network figure out how to
best route traffic to another, still unequally benefits the sender. one
ought not, in my opinion, ever have to ask that such pings be stopped.
another test for "welcome" is "if everybody did this, would the recipient
be injured?" clearly this is the same profile as "unequal benefit to the
sender" and the answer in the case of these pings is "yes, ouch."
smurf, ddos in general, and spam also classify well by this criteria. it
*is* possible to know before initiating communication whether it's implicitly
"welcome" by this standard, even if you have no direct relationship to the
recipient whose terms and conditions would explicitly tell you the answer.
More information about the NANOG
mailing list