David Conrad wrote: > > >> much less anywhere near "close to a Denial of Service (DoS) attack". > > > > If you look at hostnames such as hp.com which have 13 IPv4 listed in > > the DNS, it would probably have a significant effect on their > > infrastructure if suddenly every client would attempt 13 parallel > > TCP-connects and kill 12 of them pre-natal or during infancy. > > I'd be surprised, as them even noticing would tend to indicate > they'd be trivially susceptible to D(D)oS attacks. EVERY server is trivially susceptible to DoS attacks. That is no such thing as a server that is not. > > However, I thought we were talking about doing parallel > lookups/connects to an IPv6 address at the same time an IPv4 > lookup/connect was done. Don't see any particular point in > opening parallel lookups to multiple IPv4 (or IPv6) addresses. What you described is a client with a pretty selfish attitude that doesn't care about network, servers and the other clients put into code. Now if some app writer actually implements that, he will quickly find out that it results in "snappier" connects even for hosts with no IPv6 but multiple IPv4-Addresses. And given the selfish attitude, that client is likely going to use it. In the IPv4 & IPv6 case, the two address are often going to point to the same server, and if every client would use this strategy, the server's requirements for socket handles and listen queue length might double (based on the short-lived nature of the HTTP-like traffic today). If a server operator has set up simple load-balancing by round-robin reordering of multiple IPv4 Addresses for a hostname in order to cut down on the load and number of requests that hits a single server, then a client that parallelizes IPv4 connects is going to hit all the servers all the time... I'm sorry, but personally, I think this approach is a bad idea. It's similar to what I see on the road every day, when the traffic is heavy and some folks are constantly changing lanes trying to get forward faster than the crowd. These guys don't care about actually slowing down the rest, endangering the people around them and causing accidents regularly. The concept works only as long as very few individuals try to get an unfair advantage over the rest. But it definitely is doomed if EVERYONE, or even a larger number of people would practice this. -Martin _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf