Re: [OPSEC] [Tsv-art] Tsvart last call review of draft-ietf-opsec-ipv6-eh-filtering-06

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

On Mon, Nov 26, 2018 at 06:32:43AM -0800, Joe Touch wrote:
> > And then IETF wonders why operators do not feel like time spent on
> > providing their input to IETF WGs is well-spent.
> > 
> > What else can it be, on a real-world device, in today's Internet?
> 
> The failure of a device to run as advertised or the failure of an 
> operation to select the an appropriate device.

This is where the "real-world" bit comes into play.

> Operators that want to conserve resources without cause are welcome
> to run their routers inside glass boxes in museums.  Routers do
> work. Packets cause that work. That work is not an attack unless
> it is *disproportionate*. That is not shown for nearly any of the
> cases in this document.

As people have explained in great detail, there's work that the routers
are built to do, where the number of packets they can handle is nearly
arbitrarily high.

Then there's packets that are seen as an exception, and handled in a
not-as-powerful path.  Back then, when the Internet was new, these 
exceptional packets were considered "something we'll handle when the 
need arises", and it mostly worked.  Today, whenever anything is connected
to the real Internet has a weakness, it will be abused.  Thus, these 
packets will have to be rate-limited, up to the point of uselessness.  

Of course you can build a box that can do everything with the same 
speed.  I would recommend to the reader to make himself familiar with
current market realities, though, regarding "cost", "power consumption",
"feasibility to build in time before the increase in bandwidth has them
obsoleted again" and "willingness of customers to pay serious money for 
their Internet access".

Gert Doering
        -- Operator
-- 
have you enabled IPv6 on something today...?

SpaceNet AG                      Vorstand: Sebastian v. Bomhard, Michael Emmer
Joseph-Dollinger-Bogen 14        Aufsichtsratsvors.: A. Grundner-Culemann
D-80807 Muenchen                 HRB: 136055 (AG Muenchen)
Tel: +49 (0)89/32356-444         USt-IdNr.: DE813185279

Attachment: signature.asc
Description: PGP signature


[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux