Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Forwarded: 47th IETF: ITRACE BOF

  • From: Steven M. Bellovin
  • Date: Wed Mar 01 19:58:09 2000

------- Forwarded Message

Return-Path: <>
Received: from
	by fetchmail-4.5.7 POP3
	for <smb/localhost> (single-drop); Wed, 01 Mar 2000 19:23:02 EST
Received: from ( [])
	by (8.8.7/8.8.7) with ESMTP id TAA10215
	for <>; Wed, 1 Mar 2000 19:20:12 -0500 (EST)
Received: by (Postfix)
	id 1F98A1E032; Wed,  1 Mar 2000 19:20:12 -0500 (EST)
Received: from ( [])
	by (Postfix) with ESMTP
	id 10D301E036; Wed,  1 Mar 2000 19:20:07 -0500 (EST)
Received: (from adm@localhost)
	by (8.9.1b+Sun/8.9.1) id SAA05354
	for; Wed, 1 Mar 2000 18:25:00 -0500 (EST)
Received: from ( [])
	by (8.9.1b+Sun/8.9.1) with ESMTP id SAA05280
	for <>; Wed, 1 Mar 2000 18:13:06 -0500 (EST)
Received: from CNRI.Reston.VA.US (localhost [])
	by (8.9.1a/8.9.1a) with ESMTP id SAA16131;
	Wed, 1 Mar 2000 18:13:04 -0500 (EST)
Message-Id: <>
To: IETF-Announce: ;
Subject: 47th IETF: ITRACE BOF
Date: Wed, 01 Mar 2000 18:13:03 -0500
Content-Type: text
X-UIDL: de9f75cb7001aedbabad2854bdf994cd

ICMP Traceback BOF (itrace)

Thursday, March 30 at 1530-1730

CHAIR: Steve Bellovin <>


The purpose of the BoF is to look at a mechanism to help address the 
problem of tracing back denial of service attacks.  The suggested
mechanism is that with low probability (order 1/20,000), a router
seeing a packet would send to the destination an ICMP message giving
as much information as it knows about the immediate previous hop of 
that packet.  With enough of these messages -- and if one is being 
flooded, by definition there will be a lot of traffic, so that the 
low probabilities will still result in a reasonably complete set of 
traceback packets.

Such a mechanism has other uses as well.  It lets people trace down
the source of accidentally-emitted bogus packets, i.e., those with
RFC1918 addresses.  It helps characterize the reverse path, which
traceroute does not do.

The output will be a standards-track RFC describing the packet format, 
and the conditions under which it should be sent.  Issues include 
authentication, router load, and host load.


  Introduction, motivation        15 min
  Marcus Leech's prototype        20 min
  Open issues list                30 min
  Charter                         20 min

------- End of Forwarded Message

		--Steve Bellovin

Discussion Communities

About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home

Merit Network, Inc.