From owner-freebsd-net  Tue Nov 12 13: 1:36 2002
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B331037B401
	for <freebsd-net@FreeBSD.ORG>; Tue, 12 Nov 2002 13:01:35 -0800 (PST)
Received: from aaz.links.ru (aaz.links.ru [193.125.152.37])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 9115743E91
	for <freebsd-net@FreeBSD.ORG>; Tue, 12 Nov 2002 13:01:34 -0800 (PST)
	(envelope-from babolo@aaz.links.ru)
Received: from aaz.links.ru (aaz.links.ru [193.125.152.37])
	by aaz.links.ru (8.12.6/8.12.6) with ESMTP id gACL37Dh054513;
	Wed, 13 Nov 2002 00:03:07 +0300 (MSK)
	(envelope-from babolo@aaz.links.ru)
Received: (from babolo@localhost)
	by aaz.links.ru (8.12.6/8.12.6/Submit) id gACL36X3054512;
	Wed, 13 Nov 2002 00:03:06 +0300 (MSK)
Message-Id: <200211122103.gACL36X3054512@aaz.links.ru>
Subject: Re: forwarded message on Source Quench Packets.
X-ELM-OSV: (Our standard violations) hdr-charset=KOI8-R; no-hdr-encoding=1
In-Reply-To: <E18BcxO-0000fM-00@chiark.greenend.org.uk>
To: Tony Finch <dot@dotat.at>
Date: Wed, 13 Nov 2002 00:03:06 +0300 (MSK)
From: "."@babolo.ru
Cc: silby@silby.com, freebsd-net@FreeBSD.ORG
X-Mailer: ELM [version 2.4ME+ PL99b (25)]
MIME-Version: 1.0
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-net.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-net>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-net>
X-Loop: FreeBSD.org

> Mike Silbersack <silby@silby.com> wrote:
> >
> >I can see how these source quench messages would cause problems if a DoS
> >is being routed through a FreeBSD router, and I think that your patch
> >makes sense.  Are there any objections to me committing this in a few
> >days?
> 
> Doesn't FreeBSD rate-limit ICMP as required by the RFC? If there is a
> but it's that the rate-limiting isn't happening, not that source-quench
> packets are being generated. If it's important that FreeBSD routers not
> generate them then it should be a sysctl option.
I am second for a sysctl option.
One of requirements when licensing networks
in Russia is source-quench support.

> Tony.
> -- 

-- 
@BABOLO      http://links.ru/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message