Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: GRC rides again...

  • From: Ron Buchalski
  • Date: Mon Jul 02 10:57:05 2001


It depends on how qos is deployed. If a customer pays for a higher level of qos between corporate sites on a provider's network (and no qos for other traffic), the attack traffic would only consume the higher level of bandwidth when destined for that limited set of destinations. Otherwise, it would be handled with the same qos as other attack traffic.

As far as attack traffic setting it's own qos levels (manipulating precedence bits), a provider who deploys and supports qos in the network should insure that they tag traffic properly at the edge. If a non-qos customer starts tagging traffic with the highest precendence, the provider should re-tag it with no precedence prior to passing it on to the network. Of course, this means deploying some level of qos at ALL entry points, not just those entry points for customers paying for higher levels of service.

It may be possible for the features of qos to help limit the extent of the attack, but with no predictability of where the attack sources or attack destinations are, you'd either need to apply qos when the attack occurs (reactive), or deploy it EVERYWHERE, on ALL provider's networks (intensely proactive). I doubt that anyone has the time or effort to deploy worldwide qos in order to stop random (and small, compared to overall traffic) dos attacks.

-rb

From: Dave Israel <davei@biohazard.demon.digex.net>
Reply-To: davei@biohazard.demon.digex.net
To: Roeland Meyer <rmeyer@mhsc.com>
CC: "'rdobbins@netmore.net'" <rdobbins@netmore.net>, "'David Howe'" <DaveHowe@gmx.co.uk>, nanog@merit.edu
Subject: RE: GRC rides again...
Date: Mon, 2 Jul 2001 10:23:41 -0400



I doubt it. In fact, a clever hacker could figure out who has paid
for what qos, and use it to give attacking traffic high priority.
It adds another variable; it doesn't present a solution.
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.