North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: Fair Queuing combats DDoS? [was Re: Yahoo! Lessons Learned ]
- From: Alex Bligh
- Date: Thu Feb 10 16:14:31 2000
Alexei Roudnev (firstname.lastname@example.org) said:
> [deploy WFQ and RPF universally]
> Then , if someone want to kill yahoo (for example), he need a few
> thousands different data streams to do it - which is impossible.
Several thousand different data streams is exactly what DDoS is. Also
there is a presumed high correlation with people who do not secure
their servers adequately againts intrusion (and thus turning
these things into DDoS clients) and people who do not run RPF right
next to those servers.
Therefore this is only 'impossible' if there are not more than 2000
servers sitting on clueless or fallible peoples network. Recent experiences
with internet scaling suggest even if this were true now (which
it isn't), it won't last long.
VP Core Network, Concentric Network Corporation
(formerly GX Networks, Xara Networks)