[c-nsp] DNS amplification
Gert Doering
gert at greenie.muc.de
Sun Mar 17 07:42:57 EDT 2013
Hi,
On Sun, Mar 17, 2013 at 11:04:47AM +0000, Dobbins, Roland wrote:
> On Mar 17, 2013, at 5:38 PM, Gert Doering wrote:
>
> > uRPF helps everybody else
>
> It helps you yourself, as well - spoofed traffic is by definition
> garbage. It consumes aggregation link capacity, core capacity; it
> affects peering ratios and paid transit traffic tallies; it clouds
> the data horizon and makes traceback of undesirable network traffic
> impossible.
To play the devil's advocate - if I bill my customers by the GByte on
their port, I don't mind if it's spoofed or not... "traffic is traffic,
they pay for it, I transport it"...
But you're certainly right, I just want to point out why people might
not care, even if it's eating up their bandwidth.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 305 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20130317/971539c4/attachment.sig>
More information about the cisco-nsp
mailing list