North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: ICMP rate limiting on EGRESS (Warning, operational content inside)

  • From: Sam Thomas
  • Date: Mon Jan 17 12:22:51 2000

On Mon, Jan 17, 2000 at 04:35:58PM +0000, Alex Bligh wrote:
> Sean Donelan wrote:
> > Or is this a case, if we had thought about it, we would have prohibited
> > it at the start; but now its in the wild we don't know how to get it back
> > in the barn.
> Mmmm... we got onto this argument by someone implying we wouldn't need
> this sort of defensive technique (ICMP rate limiting on egress)
> if source-spoofed weren't transmittable (or weren't widely transmittable).

if we're getting into an argument, then just forget it. I would much
rather see a proper discussion of the matter, with useful solutions.

> I agree. However as you are demonstrating, whilst getting to this
> utopia would be great, getting there will take a long time. I'm sure
> we *might* also fix DoS attacks using some sort of interprovider MPLS
> or like to provide QoS negotiation (and that'll also give you non-destination
> based routing) .... and I bet that even if this could
> be got to work, it would take even longer.

the point I am trying to make is that ICMP rate limiting is duct-tape, and
won't fix the problem long-term. rate-limiting at egress points is a good
idea, will plug an immediate leak, make the exchanges safer, and help
curb a growing problem, but it is not a long-term solution. we need to make
a commitment and determine a correct course of action to get to the "utopia"
in the long term. it is my fear that as we focus on installing stop-gaps
one after the other, we will eventually break legitimate networking. if
nobody is interested in working on things that will take a long time to
implement, then we are already doomed to failure.

> In the mean time, ICMP rate limiting is here now and deployable for
> most people at these exchangepoints today.

it is exactly this mode of thinking that prevents folks from focusing on
good long-term engineering solutions. it's quick, easy, and fixes the
problem until it breaks and we have to come up with yet another clever
tape-on hack.