North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: ICMP rate limiting on EGRESS (Warning, operational content inside)

  • From: Sam Thomas
  • Date: Mon Jan 17 12:27:48 2000

On Mon, Jan 17, 2000 at 08:07:36AM -0800, Sean Donelan wrote:
> Or is this a case, if we had thought about it, we would have prohibited
> it at the start; but now its in the wild we don't know how to get it back
> in the barn.

this is my thinking exactly. at least I hope that had the potential for
abuse of spoofed-source been thought about in the early days, that it
would not be something we're battling with hacks now.

clever hacks are nice, but when they are in response to a design problem,
they should only last as long as it takes to correct the design problem, and
the focus should be on correcting the design problem.