[53092] in North American Network Operators' Group
Re: ICANN Targets DDoS Attacks
daemon@ATHENA.MIT.EDU (Crist J. Clark)
Wed Oct 30 16:38:34 2002
Date: Wed, 30 Oct 2002 13:35:38 -0800
From: "Crist J. Clark" <crist.clark@attbi.com>
To: Valdis.Kletnieks@vt.edu
Cc: nanog@merit.edu
Reply-To: cjclark@alum.mit.edu
Errors-To: owner-nanog-outgoing@merit.edu
On Tue, 29 Oct 2002 16:00:06 -0500, Valdis.Kletnieks@vt.edu wrote,
> On Tue, 29 Oct 2002 12:48:39 PST, Jeff Shultz said:
>
> > >Smurf.
>
> > Okay. What will this do to my user's ping and traceroute times, if
> > anything? I've got users who tend to panic if their latency hits 250ms
> > between here and the moon (slight exaggeration, but only slight).
> >
> > I just love it when I've got people blaming me because the 20th hop on
> > a traceroute starts returning * * * instead of times.
>
> So you rate limit it to several/second or something appropriate for the normal
> traffic levels. You don't allow ping/traceroute to broadcast addresses.
On the classless Internet, how does any router know what is or is not
a broadcast address when the final destination is not local?
--
Crist J. Clark | cjclark@alum.mit.edu
| cjclark@jhu.edu
http://people.freebsd.org/~cjc/ | cjc@freebsd.org
