Digital Island sponsors DoS attempt?
Valdis.Kletnieks at vt.edu
Valdis.Kletnieks at vt.edu
Fri Oct 26 16:48:39 UTC 2001
On Fri, 26 Oct 2001 09:32:39 PDT, Dave Siegel said:
> If you have a list of prefix's you intend to measure, it would not be
If.
This list comes from *where*?
What if I pointed out that IBM's AIX implements Path MTU Discovery by sending
an ICMP packet with max MTU and the DF bit set (so it can discover the *max*
MTU even if the first *TCP* packet is not a full MTU long)?
Are you saying that I should contact each prefix that my Listserv machine is
sending mail to, to get permission to negotiate PMTU discovery? Ouch.
That's 600K subscribers, and I need to go look up where their MX entries
point to, figure out what AS the destination is in, and send the AS contact
mail (assuming that 'whois' actually has valid data) - and then repeat for
every new subscriber to a list from an AS we haven't contacted before.
No? That seems silly? How is it any different from 5 PING packets so a site
can decide which server to send stuff from? Where do you draw the line?
> transit providers needn't be involved, as transit providers typically
> don't measure icmp flows bound to customers.
We've seen cases where transit providers do things like install blackhole
routing because they disagree with a site because of their traffic. This
proves that at least *some* transit providers care about *some* traffic for
*some* reason. Again, where do you draw the line?
--
Valdis Kletnieks
Operating Systems Analyst
Virginia Tech
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 211 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20011026/067e6f10/attachment.sig>
More information about the NANOG
mailing list