North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: Effects of traffic shaping ICMP (&c.)

  • From: Martin, Christian
  • Date: Wed Dec 02 17:46:21 1998

You could implement priority queueing to this end, but the effects could
be disastrous on buffers.  At this time, the best way to defend against
smurf and UDP floods is via access-lists with fast-packet drop.


> -----Original Message-----
> From: [email protected] [mailto:[email protected]]
> Sent: Wednesday, December 02, 1998 3:57 PM
> To: [email protected]
> Subject: Effects of traffic shaping ICMP (&c.)
> Howdy,
> When our network is being smurfed, we can call our ISPs and have them
> setup an access list to block ICMP. That fixes the problem, but it
> creates another (obvious) problem.
> Could traffic shaping, or similar QoS configurations, be used to solve
> such issues in a more general way? For example, if my source of packet
> flooding is ICMP, then I'd like to be able to dedicate as 
> much as 1/10th
> (e.g.) of the bandwidth of each link to ICMP. That's plenty 
> of ICMP, but
> it's not so much that an attack using ICMP would be effective.
> My question, stated briefly, is this: can you solve generic
> homogenous-packet-flood problems with QoS and/or traffic 
> shaping (if the
> two can be truly distinguished), in general? If so, are 
> current routers
> capable of doing it? What would be the effect of doing so on dialup
> links and backbones?
> ---
> Mark R. Lindsey, [email protected]
> Internet Engineering, DSS Online LLC
> Voice: 912.241.0607x200, Fax: 912.241.0190 (US)