Kacheong Poon writes:
> James Carlson wrote:
> > Kacheong Poon writes:
> >> Note that I am *not* saying that increasing the ICMP return
> >> byte size is not good. But I don't think the suggestion on
> >> using rate is good enough. The bandwidth consumed is the
> >> number ICMP messages sent per second (rate) times the ICMP
> >> packet size. To some sys admins, just controlling the rate is
> >> not good enough for them to handle DoS situation.
> >
> > The max size is already set by the RFCs. You don't make your reply
> > larger than 576 octets.
>
> Are you saying that a sys admin should not be allowed
> to lower the max?

Yes. There might have possibly been a reason to do that 20 years or so
ago (though I think that's also debatable), but it's unlikely that such
a reason exists today.

See the subject line -- we're talking about shrinking the ndd tunable
list, which does mean trying to figure out which ones have grown stale
and useless.

-- 
James Carlson, Solaris Networking <james.d.carlson at sun.com>
Sun Microsystems / 35 Network Drive 71.232W Vox +1 781 442 2084
MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677
