North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: ICANN Targets DDoS Attacks
On Tue, 29 Oct 2002, Jeff Shultz wrote: > > > > *********** REPLY SEPARATOR *********** > > On 10/29/2002 at 3:54 PM Jared Mauch wrote: > > >On Tue, Oct 29, 2002 at 12:48:39PM -0800, Jeff Shultz wrote: > >> > >> > >> > >> *********** REPLY SEPARATOR *********** > >> > >> On 10/29/2002 at 3:40 PM [email protected] wrote: > >> > >> >On Tue, 29 Oct 2002 22:25:44 +0200, Petri Helenius <[email protected]> > >> said: > >> > > >> >> Why would you like to regulate my ability to transmit and receive > >> data > >> >> using ECHO and ECHO_REPLY packets? Why they are considered > >> >> harmful? > >> > > >> >Smurf. > >> > > >> > >> Okay. What will this do to my user's ping and traceroute times, if > >> anything? I've got users who tend to panic if their latency hits > 250ms > >> between here and the moon (slight exaggeration, but only slight). > >> > >> I just love it when I've got people blaming me because the 20th hop > on > >> a traceroute starts returning * * * instead of times. > > > > that's icmp ttl expired messages. > > I know that, and I try to explain it to my customers... but it doesn't > answer the first part of the question - what will throttling ICMP do to > ping and traceroute times? My gut reaction is that it will a. slow them > down and/or b. discard a lot of them making the circuit look unreliable > to ping. But I don't know enough about the underlying technology to be > sure of that. As they say, if you dont set the rate limit too low then you wont encounter drops under normal operation. Steve
|