North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: IP over SONET considered harmful?

  • From: Sean M. Doran
  • Date: Sun Mar 22 14:03:58 1998

| Sounds reasonable to me. My point was that decrementing the IP TTL,
| whether it be at each LSR or only at egress, should be a decision
| that can be made by the provider.

Well, in that case you also have to not copy the IP TTL into
the tag TTL, but rather synthesize a new tag TTL, assuming
the goal is not to end up with traceroute stars.

I think this is insane, personally, but then Sprintlink in
the past fell victim to devastating forwarding loops, both
tight and loose; the latter were particularly bad, and so
maybe I am "over sensitive".

If you _really_ want to conceal one's network, why not
just outright lie -- at your ingress LSR look for packets
with low TTLs, and for ones that won't make it to their 
destinations, synthesize an ICMP time exceeded with your
choice of source addresses.  (cf the last paragraph of 2.14
in the current MPLS arch draft)   Where this is not possible,
you generate the lie as close as possible to the point where
the ttl timeout would happen.