David,
Yes, it would be good to have the network layer run interference, and
there are some suggestions in current papers. However, these methods are
based on probabilistic packet marking and work well only if the abuser
is a significant fraction of the load. With several thousand mice per
second pounding on the servers, it's hard to cut the elephant stomping
once per second from the herd.
Actually, the LRU sorter in the monlist scheme does a rather good job of
finding a few elephants and that's how we got the data for the paper. In
the Wisconsin incident there were 750,000 elephants and mice didn't have
a chance. The trouble wasn't only with the UWisc infrastructure; the
upstream ISP was scorched, too. This would suggest the best long-term
solution is something like what telephone providers call "call gap". The
idea is to automatically detect congestion and chase it toward the
source as far as possible and disable dial tone.
Dave
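As an added illustration of the LRU sorter idea mentioned above (this is example code, not ntpd's monlist/MRU implementation; the elephant and mouse addresses, rates and table size are all constructed), a bounded most-recently-seen table picks out the few hosts that keep coming back, and the second replay shows the limit Dave describes: when mice arrive faster than the table can hold, an elephant that only stomps once a second is evicted before its count can grow.

```python
import ipaddress
from collections import OrderedDict

class MruTable:
    """Bounded table of recently seen client addresses, oldest evicted first."""

    def __init__(self, capacity):
        self.capacity = capacity
        self.entries = OrderedDict()  # addr -> [count, first_seen, last_seen]

    def record(self, addr, now):
        entry = self.entries.pop(addr, None)  # pop so re-insert moves it to the MRU end
        if entry is None:
            entry = [0, now, now]
            if len(self.entries) >= self.capacity:
                self.entries.popitem(last=False)  # evict least recently seen
        entry[0] += 1
        entry[2] = now
        self.entries[addr] = entry

    def elephants(self, min_count):
        """Addresses still in the table whose packet count reached min_count."""
        return {a for a, (count, _, _) in self.entries.items() if count >= min_count}

# Constructed traffic: three elephants sending once per second plus a stream of
# one-shot mice drawn from the 198.18.0.0/15 benchmarking range.
ELEPHANTS = ("10.0.0.1", "10.0.0.2", "10.0.0.3")
MOUSE_BASE = int(ipaddress.IPv4Address("198.18.0.0"))

def replay(mice_per_sec, capacity, seconds=30):
    table = MruTable(capacity)
    mouse_index = 0
    for s in range(seconds):
        for addr in ELEPHANTS:
            table.record(addr, float(s))
        for i in range(mice_per_sec):
            mouse = str(ipaddress.IPv4Address(MOUSE_BASE + mouse_index))
            mouse_index += 1
            table.record(mouse, s + i / mice_per_sec)
    # an elephant must have been seen in at least half the seconds to count
    return table.elephants(min_count=seconds // 2)

if __name__ == "__main__":
    print("100 mice/s, 500 slots:", sorted(replay(100, 500)))    # all three found
    print("1000 mice/s, 500 slots:", sorted(replay(1000, 500)))  # none survive
```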
David J Taylor wrote:
David L. Mills wrote:
David,
There are copious examples of that happening right now on the NIST and
USNO servers. What would you suggest we do to stop it? See the paper
Mills, D.L., J. Levine, R. Schmidt and D. Plonka. Coping with overload
on the Network Time Protocol public servers. Proc. Precision Time and
Time Interval (PTTI) Applications and Planning Meeting (Washington DC,
December 2004), 5-16.
Full text is at www.eecis.udel.edu/~mills/papers.html.
Dave
Thanks for that pointer, Dave. If I had to summarise: "NTP too successful
for its own good!"
It seems to me that you need something at the network level, rather than
the NTPD level, to turn off the path from the Elephants. How you keep a
network-level block secure from hacking is not a trivial issue, though!
73,
David
_______________________________________________
questions mailing list
[email protected]
https://lists.ntp.isc.org/mailman/listinfo/questions