|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: ICMP rate limiting on EGRESS (Warning, operational content inside)
> if we're getting into an argument, then just forget it. I would much I meant 'argument' as in 'topic of discussion' > the point I am trying to make is that ICMP rate limiting is duct-tape... > ... > but it is not a long-term solution. Absolutely. Nasty messy sticky horrible duct-tape at that with very little engineering beauty - it does consist, after all, of throwing away arbitrary amounts of control & test traffic. > > In the mean time, ICMP rate limiting is here now and deployable for > > most people at these exchangepoints today. > > it is exactly this mode of thinking that prevents folks from focusing on > good long-term engineering solutions. it's quick, easy, and fixes the > problem until it breaks and we have to come up with yet another clever > tape-on hack. I have seen plenty of horrible nasty duct-tape hacks a classic being the Doran / Partan prefix-length filtering that have little or no engineering beauty but kept the internet alive. This has not prevented router manufacturers from building cleaner, cleverer routers able to cope with larger routing tables. I make no such grand claims for this, but I am reasonably happy it won't dissuade people from working on 'real clean' solutions. If I had one of them now (please any one?), I'd deploy it. -- Alex Bligh GX Networks (formerly Xara Networks)
|