RE: Effects of traffic shaping ICMP (&c.)

["Martin, Christian" <CMartin () mercury balink com>]

You could implement priority queueing to this end, but the effects could
be disastrous on buffers.  At this time, the best way to defend against
smurf and UDP floods is via access-lists with fast-packet drop.

Chris

> -----Original Message-----
> From: mark () vielle datasys net [mailto:mark () vielle datasys net]
> Sent: Wednesday, December 02, 1998 3:57 PM
> To: nanog () merit edu
> Subject: Effects of traffic shaping ICMP (&c.)
>
>
> Howdy,
>
> When our network is being smurfed, we can call our ISPs and have them
> setup an access list to block ICMP. That fixes the problem, but it
> creates another (obvious) problem.
>
> Could traffic shaping, or similar QoS configurations, be used to solve
> such issues in a more general way? For example, if my source of packet
> flooding is ICMP, then I'd like to be able to dedicate as 
> much as 1/10th
> (e.g.) of the bandwidth of each link to ICMP. That's plenty 
> of ICMP, but
> it's not so much that an attack using ICMP would be effective.
>
> My question, stated briefly, is this: can you solve generic
> homogenous-packet-flood problems with QoS and/or traffic 
> shaping (if the
> two can be truly distinguished), in general? If so, are 
> current routers
> capable of doing it? What would be the effect of doing so on dialup
> links and backbones?
>
> ---
> Mark R. Lindsey, mark () datasys net
> Internet Engineering, DSS Online LLC
> Voice: 912.241.0607x200, Fax: 912.241.0190 (US)