Rob Oats says: > I have addressed this issue with Ask over the last few days as result of my > modem/router being taken down.
> On Friday 1st June my router was taken down by a surge of requests exceeding > 36 000 requests/min. I have since been able to obtain a dump file from > another surge. The bulk of these requests are coming from Turk Telekom. > I wanted to know whether others in the pool are seeing similar effects > (really > a DDOS) 36000 requests/min is an average of 600 requests/sec or somewhere around 4 or 5kbytes/sec (each request is about 80 bytes). If a router cannot handle 4kbytes/sec, should it even be considered for the pool? I mean, we try to accomodate both large-bandwidth and small-bandwidth connections, but 4kbytes/sec is analog dial-up modem throughput. "Normal" network equipment would have a lot of latency for a big surge in requests but it doesn't hurt anyone except the stupid requestors who query at the top of each minute or hour or whatever their surge pattern is. "Smart" network equipment seems to be at a SEVERE disadvantage if 4kbytes/sec constitutes a DDOS attack on them. Maybe in some cases the "Smartness" is not just a factor of the router but of its configuration, sometimes stupid config requirements by ISP's maybe, but other times too much smartness layered on by the user router config. Just because a router has a bazillion features doesn't mean you have to turn them all on. I am very interested in the pattern of their surge. Was it a bunch of requests at the top of a minute, top of an hour, some other pattern? Tim. _______________________________________________ timekeepers mailing list [email protected] https://fortytwo.ch/mailman/cgi-bin/listinfo/timekeepers
