From owner-freebsd-net  Mon Jul 16  8:54:48 2001
Delivered-To: freebsd-net@freebsd.org
Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193])
	by hub.freebsd.org (Postfix) with ESMTP id EDE0737B406
	for <net@FreeBSD.ORG>; Mon, 16 Jul 2001 08:54:36 -0700 (PDT)
	(envelope-from wollman@khavrinen.lcs.mit.edu)
Received: (from wollman@localhost)
	by khavrinen.lcs.mit.edu (8.11.4/8.11.4) id f6GFsRu34790;
	Mon, 16 Jul 2001 11:54:27 -0400 (EDT)
	(envelope-from wollman)
Date: Mon, 16 Jul 2001 11:54:27 -0400 (EDT)
From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
Message-Id: <200107161554.f6GFsRu34790@khavrinen.lcs.mit.edu>
To: Peter Pentchev <roam@orbitel.bg>
Cc: net@FreeBSD.ORG
Subject: ICMP source quench - deprecated?
In-Reply-To: <20010716152638.B52566@ringworld.oblivion.bg>
References: <20010716152638.B52566@ringworld.oblivion.bg>
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-net.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-net>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-net>
X-Loop: FreeBSD.org

<<On Mon, 16 Jul 2001 15:26:38 +0300, Peter Pentchev <roam@orbitel.bg> said:

> Is there any reason for ICMP source quench to be deprecated?

There are a few problems with ICMP source quench:

1) If a sender-TCP actually pays attention to them, an attacker can
substantially reduce TCP performance by forging them (a low-grade DoS
attack).

2) Few if any routers legitimately generate the things (see #3).

3) The Internet community figured out a decade or more ago that the
last thing one wants to do on an overloaded link is to generate even
more traffic.

-GAWollman



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message