On Thu, Jul 28, 2011 at 3:32 AM, Patrick Frejborg <[email protected]> wrote: > delays for returning packets due to an event - this "ticket sale" > event can be created by a botnet admin if he has enough clients behind > rITRs and directed towards any content site. Thus the lookup cycle for
I would like everyone to keep in mind that the "botnet clients" or malicious traffic does not need to originate from LISP sites. A motivated attacker will send crafted packets directly to the Internet with a LISP outer-header and false source address in the inner-header. I am not sure it is even relevant if the malicious site(s) are subject to BCP-38/uRPF/etc by their service provider. > returning traffic is not only an issue for larger content sites but > also for all business critical content sites (today multi-homed > content sites). I think we are all on the same page now. I'm glad the discussion has moved from one where it was thought that only super-huge content sites would need to address this scaling problem, to folks agreeing that every mission-critical site must do so. -- Jeff S Wheeler <[email protected]> Sr Network Operator / Innovative Network Concepts _______________________________________________ lisp mailing list [email protected] https://www.ietf.org/mailman/listinfo/lisp
