[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Next question...
| I DDOS attack the far end. The local end then sends an
| authenticated
| hint to the routing system. In fact, if I DDOS a popular
| host, I can
| get a lot of local ends to provide "hints" and thus
| indirectly DDOS the
| routing system. And then suppose the routing system
| believes the hint.
| Now I can stop my DDOS on the host and go hide.
The hint is only going as far as your SBR, because that's the system
that is responsible for locator selection for your outbound packets.
This would only be a small DDOS against your own SBR.
| OTOH, if a host wants to provide either quality or reachability
| information about itself, I'm okay with that so long as it's
| authenticated and we can find a way to sanely aggregate the
| information.
In its full generality, this will be hard. It's difficult to create
an abstraction from random, unrelated items.
Tony