In an e-mail dated 31.12.2010 21:58:55 Western European Standard Time, de...@iki.fi writes:
On 2010-12-28, $witch wrote:

>> Wouldn't it be reasonable to develop CASCADE TREE routing as to screw
>> DoS and DDoS attacks [......]?
>
> maybe am a little bit off-topic but : why RRG need to take position
> against [D]DoS ?

My plea for better routing is long-term (approx. 8 years). Coming up with CASCADE TREE (now, again) is triggered by the actuality (wikileak). Don't just think of malicious games where viruses attack some website. There may be situations, e.g. conjured up by frightening news, where alerted people send in requests by the millions. On 9/27/2010 I referred to stuxnet pointing out how TARA could serve as a hot standby architecture (the costs wrt memory and CPU time consumption are negligible). Altogether: It is a plea for a more intelligent networking layer based on additional/better algorithms than plain Dijkstra or even dumb DV.

It might be that flow and/or congestion control isn't now a routing problem, but everybody knows it's a core part of Internet architecture, and that (D)DoS is predicated upon circumventing it. So, it is a very real problem. If it can't be solved in some other way -- the ongoing backwards congestion signaling and pricing work springs to mind, and even that impacts IP level functionality as it stands -- then it isn't readily out of the question that the RRG would have to be involved at some point.

That's not on the formal agenda, though, so for now this sort of discussion does remain off-topic. (Personally I try to use the [ot] marker for this stuff, to enable automatic filtering, btw.)

There are 2 ways of proceeding:

1) Now let's just be focused on the scalability issue; when done, look at the next issue,... or
2) Go for an architecture, which eliminates the scalability issue and which, concurrently, provides the basis for better routing.

> maybe DDoSes are the only weapons in the hand of freedom, why do you
> like to downgrade them?

Here we're talking about not only e2e communication, but e2e, collective incentivization.
I.e. something that is very much more political, incendiary and complicated than even state mandated policy routing. The stuff the Big Boys and Three Letter Agencies are keenly interested in. Would IETF/IRTF even *want* to go there?

My email was indeed triggered by a series of articles requesting a German defense center against internet misbehavior (espionage, DDoSA).

Then if we leave out the politics and stick to the technical detail, it's true that the only real disincentive that works from end to end is (D)DoS. If we grant that such incentivization should be possible, that is a technical problem because DoS is a highly wasteful and disruptive means of communicating such information, with lots of collateral damage. As such the proper way to address this would be to a) make DoS impossible or uneconomic at the architecture level, and then to b) design a low-overhead, e2e, secure, Internet Punishment Protocol to make this kind of feedback more explicit, scalable and manageable.

It's just that... At least for me something like IPP is stuff I'd expect to find in an April's Fool RFC. Not in any serious one.

DDoS resistant routing though sounds interesting. The HIP folks have been thinking about that sort of thing from the start, obviously. I wonder if some of their ideas, e.g. in the four-way handshake with expensive challenges, could be leveraged within the core-edge-separation work? I mean, without too much centralized computational burden; perhaps only in connection with mobility, where the end networks are many and lean?

There and then I'd like to hear more about "cascade tree routing", and judging by the name, also about how it might potentially connect with MPLS and Nimrod.

You may conceive Cascade Tree Routing as a cascade tree of tunnels - of whichever nature (incl. LSP,..)
--
Sampo Syreeni, aka decoy - de...@iki.fi, http://decoy.iki.fi/front
+358-50-5756111, 025E D175 ABE5 027C 9494 EEB0 E090 8BA9 0509 85C2

_______________________________________________
rrg mailing list
rrg@irtf.org
http://www.irtf.org/mailman/listinfo/rrg

Heiner