North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
RE: Measured Internet good v. "bad" traffic
- From: David Schwartz
- Date: Thu Aug 28 05:48:10 2003
> On Wed, 27 Aug 2003, David Schwartz wrote:
> > Analogically, imagine if Burger King kept getting shipments
> > of buns that
> > they didn't want but still had to pay for. Their customers
> > would get pretty
> > pissed if BK added an 'unwanted bun' charge to their bill
> > (absent specific
> > prior agreement). I pay for the food I order, not the food BK's
> > suppliers
> > ship to BK. Of course, it's reasonable for BK to raise their
> > prices for the
> > costs of having to deal with the unwanted food.
> No that wouldnt work, that was be an analogy to non-usage based
> eg I buy a 10Mb
> port from you and you dont charge me extra for unwanted bandwidth
> across your
The point is that 'usage' is supposed to be 'what you use', not what
somebody else uses. 'My' traffic is the traffic I want, not the traffic you
try to give me that I don't want.
> > I sympathize with the customer. There is no reason he should pay for
> > traffic he did not request and does not want. If unwanted traffic raises
> > your cost of providing the service for which you are paid
> > (providing wanted
> > traffic) then you should raise your rates.
> Thats the nature of the Internet which is what you're buying.. you get a
> permanent supply of unwanted packets, attacks, spam, viruses etc.
> If you want to
> avoid it dont connect to the Internet.
I don't want to avoid it, I just don't want to be charged for what I do not
want. If someone FedExed me a bomb postage due, there are many things FedEx
might do, but to try to get me to pay the postage is not one of them. There
are few things I can do to stop FedEx from delivering me a bomb and there
are many things FedEx can do to stop them from delivering one to me. In
general, the customer cannot fix the problem.
> > In principle, one could certainly enter into an agreement where the
> > customer agrees to bear the costs of unwanted traffic in exchange for a
> > lower rate. But I certainly wouldn't assume the customer agreed
> > to pay for
> > traffic he doesn't want and didn't ask for unless the contract
> > explicitly
> > says so.
> Most contracts define traffic as the averaged rate across the
> interface, they
> dont look into what that traffic is and whether anyone requested
> it. In this
> sense the comparisons between internet traffic and toll phone
> calls breaks down,
> its also the basis for an argument on settlement free bilateral peering ;p
Suppose, for example, my provider's network management scheme pings my end
of the link every once in a while to see if the link is up. Suppose further
this ping made a dent in my bill, so the provider decides to ping more
often, say five times a second with large packets to be *sure* the link is
reliable. Do you seriously think it's reasonable for me to pay for this
> > And for those people entering into contracts, make sure the
> > contract is
> > clear about what happens with DoS attacks and where the
> > billable traffic is
> > measured. Otherwise you might be pretty surprised if you get a bill for
> > 250Mbps of traffic when you contracted for a 45Mbps circuit.
> Indeed, but most contracts are either 95 percentile or another kind of
> smoothed average.. if however it specifies for example you are
> charged on the
> peak 5 minute average in the month you could be in trouble!
There is no limit to how long a DoS attack can last. And your provider has
no incentive to trace/filter if he gets a major profit if he can just make
that attack last a few more hours.
Even with 95 percentile billing, seven hours of 100Mbps can push your 95%
from 5Mbps up to 12Mbps very easily. Heck, stalling from 6PM when the attack
starts until 10AM the next morning could make them a bundle.
> > For those dealing with contracts already in place, if your
> > provider argues
> > that you are responsible for all attack traffic no matter what,
> > ask them if
> > that means you could possibly get billed for 1Gbps of traffic
> > even though
> > you only bought a T1.
> Presumably as the measurement is on the rate across the interface
> this couldnt
If the contract isn't explicit, it costs the provider just as much to drop
the traffic at the interface as it does to send it over the interface. So
the 'we have to pay for it' argument is not limited to the interface rate.
By definition, anything two parties agree to with full knowledge is fair to
both of them. How DoS attacks are handled should be part of the negotiation
of any ISP/customer agreement. However, for many of the contracts I've seen
the contract was silent and ambiguous.
For a 95 percentile agreement, it's reasonable for the customer to take
responsibility for DoS traffic until he makes a request to the provider's
NOC. It's also reasonable for the provider to charge a fixed 'incident fee'
for each attack that requires NOC and network resources. It is not
reasonable for the incentive structure to reward the NOC for doing nothing
and penalize them for any attempt to help.