[27631] in North American Network Operators' Group
Forwarded: 47th IETF: ITRACE BOF
daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Wed Mar 1 19:57:20 2000
From: "Steven M. Bellovin" <smb@research.att.com>
To: nanog@merit.edu
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Wed, 01 Mar 2000 19:55:17 -0500
Message-Id: <20000302005523.1585D41F16@SIGABA.research.att.com>
Errors-To: owner-nanog-outgoing@merit.edu
------- Forwarded Message
Return-Path: <ietf-123-owner@loki.ietf.org>
Received: from postal.research.att.com
by fetchmail-4.5.7 POP3
for <smb/localhost> (single-drop); Wed, 01 Mar 2000 19:23:02 EST
Received: from mail-green.research.att.com (mail-green.research.att.com [135.207.30.103])
by postal.research.att.com (8.8.7/8.8.7) with ESMTP id TAA10215
for <smb@postal.research.att.com>; Wed, 1 Mar 2000 19:20:12 -0500 (EST)
Received: by mail-green.research.att.com (Postfix)
id 1F98A1E032; Wed, 1 Mar 2000 19:20:12 -0500 (EST)
Received: from loki.ietf.org (loki.ietf.org [132.151.1.177])
by mail-green.research.att.com (Postfix) with ESMTP
id 10D301E036; Wed, 1 Mar 2000 19:20:07 -0500 (EST)
Received: (from adm@localhost)
by loki.ietf.org (8.9.1b+Sun/8.9.1) id SAA05354
for ietf-123-outbound.01@ietf.org; Wed, 1 Mar 2000 18:25:00 -0500 (EST)
Received: from ietf.org (odin.ietf.org [10.27.2.28])
by loki.ietf.org (8.9.1b+Sun/8.9.1) with ESMTP id SAA05280
for <all-ietf@loki.ietf.org>; Wed, 1 Mar 2000 18:13:06 -0500 (EST)
Received: from CNRI.Reston.VA.US (localhost [127.0.0.1])
by ietf.org (8.9.1a/8.9.1a) with ESMTP id SAA16131;
Wed, 1 Mar 2000 18:13:04 -0500 (EST)
Delivered-To: smb@research.att.com
Message-Id: <200003012313.SAA16131@ietf.org>
To: IETF-Announce: ;
From: ietf-secretariat@ietf.org
Cc: new-work@ietf.org
Subject: 47th IETF: ITRACE BOF
Date: Wed, 01 Mar 2000 18:13:03 -0500
Sender: mbeaulie@cnri.reston.va.us
Content-Type: text
X-UIDL: de9f75cb7001aedbabad2854bdf994cd
ICMP Traceback BOF (itrace)
Thursday, March 30 at 1530-1730
===============================
CHAIR: Steve Bellovin <smb@research.att.com>
DESCRIPTION:
The purpose of the BoF is to look at a mechanism to help address the
problem of tracing back denial of service attacks. The suggested
mechanism is that with low probability (order 1/20,000), a router
seeing a packet would send to the destination an ICMP message giving
as much information as it knows about the immediate previous hop of
that packet. With enough of these messages -- and if one is being
flooded, by definition there will be a lot of traffic, so that the
low probabilities will still result in a reasonably complete set of
traceback packets.
Such a mechanism has other uses as well. It lets people trace down
the source of accidentally-emitted bogus packets, i.e., those with
RFC1918 addresses. It helps characterize the reverse path, which
traceroute does not do.
The output will be a standards-track RFC describing the packet format,
and the conditions under which it should be sent. Issues include
authentication, router load, and host load.
AGENDA:
Introduction, motivation 15 min
Marcus Leech's prototype 20 min
Open issues list 30 min
Charter 20 min
------- End of Forwarded Message
--Steve Bellovin
