On 09:15, Thu 11 Aug 05, tim panton wrote: > > On 10 Aug 2005, at 16:48, Michiel van Baak wrote: > > >On 08:45, Wed 10 Aug 05, Jean-Michel Hiver wrote: > > > >>1) your provider is voluntarily screwing up VoIP traffic > >>2) some idiot purposingly fills up your pipe with UDP traffic > >> > >> > > > >If they fill the pipe with TCP traffic, UDP will be dead as > >well. Protocols don't matter, bandwidth does. > > Actually they do. A smart router/firewall can manage inbound > TCP traffic by delaying or dropping outbound acks. This will cause any > correct TCP implementation to back off. > > Clearly this isn't perfect, it won't help you if you are being DOS'd > but it will throttle inbound http/smtp. > > Tim.
The "correct TCP implementation" is the key here. If everybody on this world used such implementations a lot of problems would be solved. I seen enough clients relying on timeouts instead of acks etc. I have to admit it will help some, but it will never beat a good QoS agreement with your upstream provider. DOS-attacks are something totally different. It will blow you offline till you contacted your upstream provider and the activated some logic on their switches. -- Michiel van Baak http://michiel.vanbaak.info [EMAIL PROTECTED] GnuPG key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x7E0B9A2D "Why is it drug addicts and computer afficionados are both called users?" _______________________________________________ Asterisk-Users mailing list Asterisk-Users@lists.digium.com http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users