[27259] in North American Network Operators' Group
Re: Fair Queuing combats DDoS? [was Re: Yahoo! Lessons Learned ]
daemon@ATHENA.MIT.EDU (Alex Bligh)
Thu Feb 10 16:12:48 2000
From: Alex Bligh <amb@gxn.net>
To: "Alexei Roudnev" <alex@genesyslab.com>
Cc: "Alex Bligh" <amb@gxn.net>, "Vadim Antonov" <avg@kotovnik.com>,
nanog@merit.edu
In-reply-to: Your message of "Thu, 10 Feb 2000 12:14:26 PST."
<001401bf7403$6e09e790$b608a8c0@alex1.genesyslab.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Thu, 10 Feb 2000 21:03:54 +0000
Message-Id: <E12J0kk-0007ON-00@sapphire.noc.gxn.net>
Errors-To: owner-nanog-outgoing@merit.edu
Alexei Roudnev (alex@genesyslab.com) said:
> [deploy WFQ and RPF universally]
> Then, if someone wants to kill Yahoo (for example), he needs a few
> thousand different data streams to do it - which is impossible.
Several thousand different data streams is exactly what DDoS is. Also
there is a presumed high correlation between people who do not secure
their servers adequately against intrusion (thus turning
these things into DDoS clients) and people who do not run RPF right
next to those servers.
Therefore this is only 'impossible' if there are not more than 2000
servers sitting on clueless or fallible people's networks. Recent experiences
with internet scaling suggest that even if this were true now (which
it isn't), it won't last long.
--
Alex Bligh
VP Core Network, Concentric Network Corporation
(formerly GX Networks, Xara Networks)
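The point made in the reply above, worked through as an added example that is not part of the original thread: per-flow fair queuing converges to a max-min fair (water-filling) allocation, so it caps any single flow but cannot distinguish a few thousand greedy flows from legitimate ones. The link capacity, flow counts and demands below are constructed, and the model ignores RPF entirely.

```python
"""Max-min fair allocation as an approximation of per-flow fair queuing.

Each flow receives min(demand, fair_share); capacity a flow does not use is
redistributed among the flows that still want more.
"""


def max_min_fair(capacity, demands):
    """Return the per-flow allocation of a link under max-min fairness."""
    alloc = [0.0] * len(demands)
    remaining = capacity
    unsatisfied = list(range(len(demands)))
    while unsatisfied and remaining > 1e-9:
        share = remaining / len(unsatisfied)
        still_wanting = []
        for i in unsatisfied:
            need = demands[i] - alloc[i]
            given = min(need, share)
            alloc[i] += given
            remaining -= given
            if need > share:          # still wants more: stays in the next round
                still_wanting.append(i)
        unsatisfied = still_wanting
    return alloc


def legit_fraction_served(capacity, n_legit, legit_demand, n_greedy):
    """Fraction of legitimate demand delivered when n_greedy flows each want
    the whole link (constructed scenario: greedy flows model DDoS clients)."""
    demands = [legit_demand] * n_legit + [capacity] * n_greedy
    alloc = max_min_fair(capacity, demands)
    return sum(alloc[:n_legit]) / (n_legit * legit_demand)


def greedy_flows_tolerated(capacity, n_legit, legit_demand):
    """Largest number of greedy flows the link absorbs while every legitimate
    flow still gets its full demand: capacity / (n_legit + N) >= legit_demand."""
    return int(capacity // legit_demand) - n_legit


if __name__ == "__main__":
    # Constructed numbers: a 100 Mbit/s link, 50 legitimate flows of 1 Mbit/s each.
    for n in (10, 50, 500, 2000):
        frac = legit_fraction_served(100.0, 50, 1.0, n)
        print(f"{n:5d} greedy flows -> legitimate users get {frac:6.1%} of demand")
    print("greedy flows tolerated:", greedy_flows_tolerated(100.0, 50, 1.0))
```

With ten greedy flows fair queuing protects the legitimate users completely; with two thousand it hands every flow the same 1/2050 of the link, which is the reply's point that "several thousand different data streams is exactly what DDoS is".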