NAP/ISP Saturation WAS: Re: Exchanges that matter...

Mailman List Mirror (Read Only)
1

In fact, responding to pings does not directly affect the speed of the
hardware forwarding engine. However, it does increase buffer utilization
in the hardware. It also deters routing protocol processing from
happening, as it's consuming CPU.

The fact remains that a ping packet stream a Linux 386SX would barely
notice maxes out a 7010 (far more powerful CPU) that otherwise runs at 30%
with no difficulty whatsoever and causes all sorts of problems (like
it looses all its BGP sessions). Rather and obvious DoS attack, and
one which even MS were red faced enough to fix in their NT s/w pretty
sharpish.

Alex Bligh
Xara Networks

2

The fact remains that a ping packet stream a Linux 386SX would barely
   notice maxes out a 7010 (far more powerful CPU)

Bzzzt. That's a 30Mhz 68040 you're talking about. You're 386SX is on par
if not ahead. And you might recall that it's handled at process level,
whereas Linux does it at kernel level (or at least other Unixen do).

   Rather and obvious DoS attack, and one which even MS were red faced
   enough to fix in their NT s/w pretty sharpish.

You can DoS attack anything with echos. Trying to make echo handling "fast
enough" is an untenable problem. So you should simply drop them on the
floor...

Tony