
RE: Internal WG Review: Recharter of Next Steps in Signaling (nsis)




--On Wednesday, May 28, 2003 13:51:03 +0300 john.loughney@nokia.com wrote:

Hi James,

In general, this charter looks good, but I've got one question about
the security section. In IAB discussions with Ran Atkinson last fall,
it came up that one inhibitor for end to end Diffserv is that it opens
a potential DoS attack pathway on the receiving network, in that the
attacker can label packets as EF and thereby enhance the effectiveness
of the attack (and potentially overwhelm the EF forwarding capacity of
the routers). According to Ran, this is a major barrier to QoS
deployment among ISPs.

When this was raised on the transport directorate, and again on IAB, I asked the following question:

If EF is limited to (say) 25% of the bandwidth, with overflow handled as best-effort, does the EF-labelled DOS attack have any significant (>25%) advantage at DOSing best-effort services over a best-effort DOS attack?

(of course an EF-labelled DOS attack is more effective than a best-effort DOS against EF services)

I still haven't understood an answer.

Harald
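
One way for an operator to put numbers on the question in the message above, as an added example that is not part of the original thread: a fluid model of one link that reports how much legitimate best-effort goodput survives a flood marked best-effort versus one marked EF. The function names, the scheduling assumptions (strict-priority EF policed to a share of capacity, overflow remarked to best-effort, FIFO best-effort queue) and the traffic figures are all constructed for illustration.

```python
"""Fluid model of one link: legitimate best-effort (BE) goodput during a
flood that arrives marked either BE or EF. Constructed example; all rates
share one arbitrary unit (for instance Mbit/s)."""


def be_goodput(capacity, legit_be, flood, flood_is_ef, ef_share=0.25):
    """Return the legitimate BE throughput the link still delivers.

    Assumptions (not from the original message):
      * EF has strict priority but is policed to ef_share * capacity;
      * EF traffic above the policer rate is remarked to BE, not dropped;
      * the BE queue is FIFO, so under overload every BE source loses
        the same fraction of its offered load.
    """
    ef_offered = flood if flood_is_ef else 0.0
    ef_served = min(ef_offered, ef_share * capacity)
    overflow = ef_offered - ef_served          # remarked to best-effort
    be_offered = legit_be + overflow + (0.0 if flood_is_ef else flood)
    be_capacity = capacity - ef_served         # what strict priority leaves
    if be_offered <= be_capacity:
        return legit_be                        # no congestion, no loss
    return legit_be * be_capacity / be_offered


def ef_label_advantage(capacity, legit_be, flood, ef_share=0.25):
    """Legit BE goodput under a BE-marked flood divided by goodput under
    the same flood marked EF. 1.0 means the EF marking changes nothing."""
    plain = be_goodput(capacity, legit_be, flood, False, ef_share)
    marked = be_goodput(capacity, legit_be, flood, True, ef_share)
    return plain / marked


if __name__ == "__main__":
    CAPACITY, LEGIT_BE = 100.0, 60.0           # constructed sample figures
    print("flood  BE-marked  EF-marked  ratio")
    for flood in (10.0, 25.0, 50.0, 100.0, 400.0, 1000.0):
        plain = be_goodput(CAPACITY, LEGIT_BE, flood, False)
        marked = be_goodput(CAPACITY, LEGIT_BE, flood, True)
        ratio = ef_label_advantage(CAPACITY, LEGIT_BE, flood)
        print(f"{flood:5.0f}  {plain:9.2f}  {marked:9.2f}  {ratio:5.3f}")
```

Under these assumptions the ratio stays below 1 / (1 - ef_share), about 1.33 for a 25% EF limit; a different overflow policy (dropping instead of remarking) or a non-FIFO best-effort scheduler would need its own model.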