North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: Firewall stateful handling of ICMP packets
- From: Joe Abley
- Date: Wed Dec 03 23:52:15 2003
On 3 Dec 2003, at 22:53, Adi Linden wrote:
One solution is to get away from unlimited bandwidth. Once there is a
cost
associated to having a PC source Nachi or Welchi traffic, customers
will
learn to be more concerned and educate themselves. The cost doesn't
have
to be moneytary. Progressive rate limiting could be used, where traffic
gets pinched as the allowed traffic per time slot is consumed.
Live example of how well monetary pinching works in New Zealand --
there have been cases of people receiving $15,000 monthly phone bills
which are mainly comprised of ADSL traffic charges. So, the traffic
charges stop the rogue traffic, by sending customers bankrupt, but only
about a month or so after the fact.
Punishing high-traffic users by progressive traffic shaping sounds more
effective, although the implementation sounds potentially hairy.
Joe
|
