North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: Rate limiting UDP,Multicast,ICMP
- From: Niels Bakker
- Date: Tue Nov 13 12:40:24 2001
* jared@puck.Nether.net (Jared Mauch) [Tue 13 Nov 2001, 18:11 CET]:
> As far as multicast goes, I'm not aware of anyone running
> native multicast that would limit the traffic. Those still using
> DVMRP may have multicast rate-limits in place as to not have a massive
> bandwidth sucking sound coming from their general direction.
I'm sure that the operators of the networks that were massively hindered
when some worms started scanning random hosts in 224/4 (that's what you
get if you don't understand IP and just use a random number generator to
get something resembling an IP address) were rate-limiting packets to
multicast addresses pretty quickly. All those new sessions (one UDP
packet to a multicast address) created state in lots of routers
throughout their networks. Dropping TCP to 224/4 of course also helps
in this particular case.
Apart from not wanting to point fingers, the names of some of these
network operators escape me at the moment too, even though I believe
they were posted here at the time.