nanog mailing list archives

Re: Digital Island sponsors DoS attempt?


From: Dave Siegel <dave () siegelie com>
Date: Fri, 26 Oct 2001 10:06:13 -0700


On Fri, Oct 26, 2001 at 12:48:39PM -0400, Valdis.Kletnieks () vt edu reportedly typed:
On Fri, 26 Oct 2001 09:32:39 PDT, Dave Siegel said:
If you have a list of prefixes you intend to measure, it would not be

If.

This list comes from *where*?

If you intend to measure a set of prefixes using a method that might be
considered intrusive, you have a list of prefixes, no?

The line is drawn with intent and scope.

We aren't talking about 5 ping packets as part of path MTU discovery.
We aren't even talking about 5 ping packets sent as part of a ping 
triangulation in response to an http request.

We're talking about intentional measurement of a network, on a scale large
enough to concern a network administrator.

It's really not that hard to know when you're doing the right thing or
the wrong thing.  You feel it in your gut.  Of course, this is a by-product
of the way you were raised.  Either you are taught about common courtesies
or you aren't.  Application of the Golden Rule is pretty easy.

If you feel that MTU path discovery is inconsiderate, then I suppose you
should take action that lets you sleep at night.  It certainly wouldn't
bug me.

In the end, no one will ever agree on where the line is drawn.  This 
discussion is dragging on needlessly.

Signing off,

Dave

What if I pointed out that IBM's AIX implements Path MTU Discovery by sending
an ICMP packet with max MTU and the DF bit set (so it can discover the *max*
MTU even if the first *TCP* packet is not a full MTU long)?

Are you saying that I should contact each prefix that my Listserv machine is
sending mail to, to get permission to negotiate PMTU discovery?  Ouch.
That's 600K subscribers, and I need to go look up where their MX entries
point to, figure out what AS the destination is in, and send the AS contact
mail (assuming that 'whois' actually has valid data) - and then repeat for
every new subscriber to a list from an AS we haven't contacted before.

No?  That seems silly?  How is it any different from 5 PING packets so a site
can decide which server to send stuff from?  Where do you draw the line?

transit providers needn't be involved, as transit providers typically
don't measure icmp flows bound to customers.

We've seen cases where transit providers do things like install blackhole
routing because they disagree with a site because of their traffic.  This
proves that at least *some* transit providers care about *some* traffic for
*some* reason.  Again, where do you draw the line?
-- 
                              Valdis Kletnieks
                              Operating Systems Analyst
                              Virginia Tech




-- 
Dave Siegel
HOME   520-877-2593   dave at siegelie dot com
WORK   520-877-2628   dsiegel at gblx dot net

