[Outages-discussion] NTT - High Latency between Dallas and LA exchanges
Ross Tajvar
ross at tajvar.io
Thu May 18 15:09:53 EDT 2023
It makes sense to heavily rate-limit certain UDP traffic that "should" not
be much on the DFZ and is commonly used in amplification attacks (things
like SSDP, LDAP, memcached, etc.). NTT does this on all customer ports.
Rate-limiting ALL UDP in 2023 is a very bad idea.
On Thu, May 18, 2023 at 10:00 AM John Kristoff via Outages-discussion <
outages-discussion at outages.org> wrote:
> On Thu, 18 May 2023 13:04:20 +0000
> Joseph Jackson via Outages-discussion <outages-discussion at outages.org>
> wrote:
>
> > As a voip provider whose traffic is almost all UDP and a lot of it I
> > had no idea this was something that people, much less ISPs thought.
> > I have never come across the idea that UDP traffic through routers at
> > least in my experience was being rate limited.
>
> I don't know how widespread it is, but this was precisely something I
> had done many years ago before QUIC. Slammer was what stimulated me to
> implement "edge" rate limits on UDP traffic towards external
> destinations at an edu. So for example, ingress to the network
> traffic from an end user subnet I set a max of 10 Mb/s for UDP traffic
> not destined to internal prefixes.
>
> I left the organization and came back years later. When there were
> complaints of some random real-time game performance I discovered
> someone had later put an aggregate limit of about 100 to 200 Mb/s for
> UDP at peering routers, and with the rise of the QUIC, that limit was
> now being reached by the total sum of UDP traffic from all internal
> subnets. I preceded to get rid of the hard coded UDP limits with this
> new reality. It seemed like a reasonable thing to do at the time, but
> not so much now. Like manually configured bogon filters I would assume
> there may be similar cases lurking out there.
>
> John
> _______________________________________________
> Outages-discussion mailing list
> Outages-discussion at outages.org
> https://puck.nether.net/mailman/listinfo/outages-discussion
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/outages-discussion/attachments/20230518/39192b1b/attachment-0001.htm>
More information about the Outages-discussion
mailing list