Home page logo

nanog logo nanog mailing list archives

Fw: GLBX ICMP rate limiting (was RE: Tier-1 without their own backbone?)
From: "Gordon" <gstewart () ctccom net>
Date: Thu, 28 Aug 2003 09:43:04 -0400

Of the DDOS attacks I have had to deal with in the past year I have seen
none which were icmp based.
As attacks evolve and transform are we really to believe that rate limiting
icmp will have some value in the attacks of tomorrow?

On Wed, 27 Aug 2003, jlewis () lewis org wrote:

We have a similarly sized connection to MFN/AboveNet, which I won't
recommend at this time due to some very questionable null routing
doing (propogating routes to destinations, then bitbucketing traffic
to them) which is causing complaints from some of our customers and
forcing us to make routing adjustments as the customers notice
MFN/AboveNet has broken our connectivity to these destinations.

We've noticed that one of our upstreams (Global Crossing) has introduced
ICMP rate limiting 4/5 days ago.  This means that any traceroutes/pings
through them look awful (up to 60% apparent packet loss).  After
contacting their NOC, they said that the directive to install the ICMP
rate limiting was from the Homeland Security folks and that they would not
remove them or change the rate at which they limit in the foreseeable

What are other transit providers doing about this or is it just GLBX?



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]