[22021] in North American Network Operators' Group
Re: Effects of traffic shaping ICMP (&c.)
daemon@ATHENA.MIT.EDU (Craig A. Huegen)
Wed Dec 2 18:02:21 1998
Date: Wed, 2 Dec 1998 14:29:53 -0800
From: "Craig A. Huegen" <chuegen@quadrunner.com>
To: "Mark R. Lindsey" <mark@vielle.datasys.net>, nanog@merit.edu
In-Reply-To: <199812022057.PAA14074@vielle.datasys.net>; from Mark R. Lindsey on Wed, Dec 02, 1998 at 03:57:08PM -0500
On Wed, Dec 02, 1998 at 03:57:08PM -0500, Mark R. Lindsey wrote:
==>Could traffic shaping, or similar QoS configurations, be used to solve
==>such issues in a more general way? For example, if my source of packet
==>flooding is ICMP, then I'd like to be able to dedicate as much as 1/10th
==>(e.g.) of the bandwidth of each link to ICMP. That's plenty of ICMP, but
==>it's not so much that an attack using ICMP would be effective.
Sure.
Check out my Smurf paper at http://www.quadrunner.com/~chuegen/smurf.html
It has information on using Cisco's Committed Access Rate (CAR) feature
to rate-limit traffic such as ICMP echo/echo-reply and TCP SYNs.
/cah
