On Feb 23, 2013, at 3:18 AM, Michael Richardson <mcr+i...@sandelman.ca> wrote:

> Can you elaborate the scenario where a subnet-id renumbering would be 
> desirable, and would we want to actually signal this situation explicitly?

There is a BAA (a request for a research proposal) from the US Air Force for a 
technology or methodology that would enable a network to "morph under attack." 
A presumably-related question came to me a couple of years ago from a 
researcher at Johns Hopkins APL; she wondered whether it would be possible for 
a network to blunt a DDOS attack without betraying the information that the 
attack had been detected.

One way that *could* work would be to have the network periodically renumber. 
Imagine the network as a whole, or individual LANs from time to time, adding a 
prefix, making the old one "not preferred", and then removing the old one a few 
minutes later. The network endures the attack for a little while and then - not 
because it has detected an attack, but because it would do so anyway - 
side-steps it in routing.

I'm imagining the operators in the room giggling to themselves at this point, 
or tearing their hair before running screaming from the "room". One would not 
want to have to debug anything in such a network.

But that's what I'm referring to. I can imagine a network that, by policy, 
actively wants the algorithm to choose a new number.
_______________________________________________
homenet mailing list
homenet@ietf.org
https://www.ietf.org/mailman/listinfo/homenet
