North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: ICMP rate limiting on EGRESS (Warning, operational content inside)

  • From: Alex Bligh
  • Date: Mon Jan 17 12:55:00 2000

> if we're getting into an argument, then just forget it. I would much

I meant 'argument' as in 'topic of discussion'

> the point I am trying to make is that ICMP rate limiting is duct-tape...
> ...
> but it is not a long-term solution.

Absolutely. Nasty messy sticky horrible duct-tape at that with very
little engineering beauty - it does consist, after all, of throwing
away arbitrary amounts of control & test traffic.

> > In the mean time, ICMP rate limiting is here now and deployable for
> > most people at these exchangepoints today.
> it is exactly this mode of thinking that prevents folks from focusing on
> good long-term engineering solutions. it's quick, easy, and fixes the
> problem until it breaks and we have to come up with yet another clever
> tape-on hack.

I have seen plenty of horrible nasty duct-tape hacks a classic being
the Doran / Partan prefix-length filtering that have little or
no engineering beauty but kept the internet alive. This has not
prevented router manufacturers from building cleaner, cleverer routers
able to cope with larger routing tables. I make no such grand
claims for this, but I am reasonably happy it won't dissuade people
from working on 'real clean' solutions. If I had one of them now (please
any one?), I'd deploy it.

Alex Bligh
GX Networks (formerly Xara Networks)