[prev in list] [next in list] [prev in thread] [next in thread]
List: afripv6-discuss
Subject: Re: [AfrIPv6-Discuss] Fwd: rate-limiting-of-ipv6-traceroutes-is-widespread
From: Lee Howard <Lee.Howard () retevia ! net>
Date: 2017-08-16 12:30:45
Message-ID: D5B9AFC8.810FE%Lee.Howard () retevia ! net
[Download RAW message or body]
Yes, this is very interesting.
On 8/16/17, 4:56 AM, "Daniel Shaw" <daniel@afrinic.net> wrote:
>Interesting slides. May be of interest to some.
>
>
>https://datatracker.ietf.org/meeting/99/materials/slides-99-maprg-rate-lim
>iting-of-ipv6-traceroutes-is-widespread-measurements-and-mitigations
This isn't just a traceroute problem, but an ICMPv6 problem, right?
You mentioned RFC4443 "ICMPv6" (I had to look it up; it's in section
2.4(f)). Presumably, then, all ICMPv6 messages originating from that
router are rate-limited, not just traceroute. Ping and pMTUd?
If you send a burst of ICMPv6 messages to a router, like one every 10ms,
to see where you overflow the buffers, doesn't that mean actual users on
the network are not getting accurate pMTU data?
I wasn't sure from the slides (although maybe it's clear in the
presentation) whether this problem is seen on normal rates of traceroutes?
Because if so, I would agree we need to tune the algorithm from RFC4443,
or develop a new one. If it only occurs when someone generates a thousand
traceroutes at a time, I'd argue the mechanism is working properly.
Have you sent a note to v6ops or the authors of draft-v6ops-ipv6rtr-reqs
suggesting the update? I should know, but I can't keep track of every
message on every draft.
Thanks for doing this; it's thought-provoking work.
Lee
_______________________________________________
AfrIPv6-Discuss mailing list
AfrIPv6-Discuss@afrinic.net
https://lists.afrinic.net/mailman/listinfo/afripv6-discuss
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic