.
--
Richard A Steenbergen [EMAIL PROTECTED] http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
wildly
into the internet. The latter is usually used as a stopgap measure to
limit the number of spoofed packets coming into your network via transits.
The number you'd expect to filter is 50%, assuming the attacker in
question is using an evenly distributing random() function.
--
Richard
a no export community with ones
peers (being non transitive, it would still distribute the force of the
attack).
Many people do this already. If you're looking to purchase transit and you
think this is something you'll care about, ask for it or vote with your
wallet.
--
Richard A Steenbergen [EMAIL
can get anything from this is when you admit defeat on
keeping your services responding to new connection but want to keep
existing connections and/or the end servers from failing completely.
Depending on the service in question this may or may not be a good goal.
--
Richard A Steenbergen [EMAIL
see it.
If you have a network, you can just use the same IP for your dns
servers in multiple locations, and let your IGP route it to the closest
one.
--
Richard A Steenbergen [EMAIL PROTECTED] http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE
somewhere. It's just not an easily scalable solution.
--
Richard A Steenbergen [EMAIL PROTECTED] http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
of your
network.
/rant
--
Richard A Steenbergen [EMAIL PROTECTED] http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
lack of things for end users to do with that much
bandwidth even if they got it.
--
Richard A Steenbergen [EMAIL PROTECTED] http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
particular flow,
since you've eliminated the concept of one flow hogging the socket
buffer and leave it to TCP to work out the sharing of the link. Second
opinions?
--
Richard A Steenbergen [EMAIL PROTECTED] http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3
of their networks.
--
Richard A Steenbergen [EMAIL PROTECTED] http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
and simplistic paging. But I think that's plausible.)
You're missing the point, you don't allocate ANYTHING until you have a
packet to fill that buffer, and then when you're done buffering it, it is
free'd. The limits are just there to prevent you from running away with a
socket buffer.
--
Richard
data.
Once a socket proves its intentions (and periodically after
that), it gets to use a BIG buffer, so we find out just how fast
the connection can go.
That doesn't prevent an intentional local DoS though.
--
Richard A Steenbergen [EMAIL PROTECTED] http://www.e-gerbil.net/ras
PGP Key ID
greatly when they no longer need a Patricia tree.
To quote Avi Freedman, Customer Enragement Feature.
To quote Majdi Abbas, John Chambers owes me a pony.
--
Richard A Steenbergen [EMAIL PROTECTED] http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14
said in #nanog I have over 50
cases of showing pornography to a minor..
'nuf said...
--
Richard A Steenbergen [EMAIL PROTECTED] http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
distribution; it uses hashes. Sure, hashed distribution
isn't perfect. But it's better than perfect distribution with
added latency and/or retransmits out the wazoo.
You don't even need varying paths to create a desynch, all you need is
varying size packets.
--
Richard A Steenbergen [EMAIL PROTECTED
?
--
Richard A Steenbergen [EMAIL PROTECTED] http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
.
The MAE in Phoenix was originally constructed by Dave Siegel
and it ran from 1996 through 1998/9.
Or companies like http://www.maedulles.net/ who aren't exchange points at
all.
--
Richard A Steenbergen [EMAIL PROTECTED] http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177 (67 29
of course.
--
Richard A Steenbergen [EMAIL PROTECTED] http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
the
people were when they laid your fiber.
--
Richard A Steenbergen [EMAIL PROTECTED] http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
this
problem (Vendor F comes to mind, but their SSH implementation also doesn't
work with OpenSSH w/freebsd localisations, so something else is afoot
there as well).
--
Richard A Steenbergen [EMAIL PROTECTED] http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14
. The pace has since slowed down a bit, but appears to be holding
steady at doubling every 18 months (1995-present).
Not to be too picky, but how is going from doubling every 2 years to
doubling every 18 months slowing down? :)
--
Richard A Steenbergen [EMAIL PROTECTED] http://www.e
and beliefs
about LAN vs WAN technology and all that nonsense... Short of that,
Cogent offers a layer 3 transport service with gige on both ends as an
option... :)
--
Richard A Steenbergen [EMAIL PROTECTED] http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8
a couple time there...
--
Richard A Steenbergen [EMAIL PROTECTED] http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
buffer or the file runs
out, and then the kernel will spend the 5 minutes transfering it to the
dialup user. Have that happen a few times, and you get an instant mbuf
exaustion (or whatever internal mechanism your OS of choice uses) and
kernel panic...
--
Richard A Steenbergen [EMAIL PROTECTED
401 - 424 of 424 matches
Mail list logo
