nanog mailing list archives

Re: engineering --> ddos and flooding

From: Joel Jaeggli <joelja () darkwing uoregon edu>
Date: Thu, 31 May 2001 18:21:19 -0700 (PDT)


On Thu, 31 May 2001 horape () tinuviel compendium net ar wrote:


Why should it be so great deal? It should allow me only to add filters on
the traffic that is destined to me, not arbitrary filters...


Filters have a non-zero impact on cpu overhead. Where they end up in the
forwarding path could negativly affect your upstream or other routers in a
fashion that's signficantly worse than the attack on you affects them...

The potential for someone at isp B to do engineering on the way that
traffic from isp A's customers flow to isp B on isp A's routers ought to
be fairly disturbing to most folks. Normally that's something that both
parties have to agree on first.

Current thread:

engineering --> ddos and flooding Andrew Dorsett (May 31)
- Re: engineering --> ddos and flooding Jared Mauch (May 31)
- Re: engineering --> ddos and flooding Andrew Dorsett (May 31)
  - Re: engineering --> ddos and flooding Joel Jaeggli (May 31)
- Re: engineering --> ddos and flooding Geoff Z (May 31)
- <Possible follow-ups>
- Re: engineering --> ddos and flooding Steven M. Bellovin (May 31)
- Re: engineering --> ddos and flooding Joel Jaeggli (May 31)