wg-multicast - RE: MSDP Storm
Subject: All things related to multicast
List archive
- From: "Michael Luby" <>
- To: "Bill Nickless" <>, <>
- Cc: "Bill Owens" <>, "Greg Shepherd" <>, "Kevin Thompson" <>, <>, "mbone mail list" <>, "Michael Luby" <>
- Subject: RE: MSDP Storm
- Date: Wed, 17 Jan 2001 21:16:35 -0800
- Importance: Normal
I'm actually independently interested in the rate at which DRs can accept
and process IGMP join/leave traffic for some typical DRs without melting
down. This is one of the outstanding questions in the RMT working group on
one of the congestion control schemes proposed there. Does anybody have any
statistics of this type?
Mike Luby
-----Original Message-----
From:
[mailto:]On
Behalf Of Bill Nickless
Sent: Wednesday, January 17, 2001 4:11 PM
To:
Cc: Bill Nickless; Bill Owens; Greg Shepherd; Kevin Thompson;
;
mbone mail list
Subject: Re: MSDP Storm
-----BEGIN PGP SIGNED MESSAGE-----
At 06:03 PM 1/17/2001 -0500, Marshall Eubanks wrote:
>Bill;
>
> You did indeed, now you seem clairvoyant.
Aiee! I didn't mean to leave that impression--my earlier notes contained a
write-up of the problem in detail that didn't go to some of the lists,
which is why I reposted them to the wider audience.
>BUT, it seems to me that at base this is not a MSDP issue - it is an IGMP
>issue. Wouldn't it make more sense (although, alas, more work) to rate
>limit IGMP joins ?
Good question.
I agree with Dave Meyer's comment, that the general problem is a lack of
rate limiting on routing protocols subject to flooding, including
MSDP. Should we include IGMP in this list of protocols that should be rate
limitable? I'm not sure.
In this case, though, I don't think the problem could have been solved by
rate limiting on IGMP. The MSDP SAs were created from PIM Register
packets, which were made from actual IP data packets by the (broken, ugly)
scanner transmitted. Thus, IGMP wasn't necessary for the problem to spread
widely.
That being said, I would be interested to know if the kernel on the
compromised hosts did actually do IGMP joins to receive any replies, or if
the non-multicast-aware scanner did enough of the right socket calls.
===
Bill Nickless http://www.mcs.anl.gov/people/nickless +1 630 252 7390
PGP:0E 0F 16 80 C5 B1 69 52 E1 44 1A A5 0E 1B 74 F7
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
iQCVAwUBOmY0mawgm7ipJDXBAQH3NQP+LXJKuzGeRNFVv9MC36fKUdLs+CkV/IgX
+AueKEVXeimx6+Cvr0iJMkUcUAV+w3OPQd+PtROX/wLEYrSeqbtF+MLtjzGOq3B0
9ZXdXGi9BwPomsornB87BpNJEb+RfsTBjYGYw/of0nWJcBLiPZM+xc9qxuHXl1lk
by+qEghwjtg=
=iNis
-----END PGP SIGNATURE-----
- Re: MSDP Storm, (continued)
- Re: MSDP Storm, Marshall Eubanks, 01/17/2001
- Re: MSDP Storm, Marty Hoag, 01/17/2001
- RE: MSDP Storm, Bill Owens, 01/17/2001
- RE: MSDP Storm, Bill Nickless, 01/17/2001
- Re: MSDP Storm, Marshall Eubanks, 01/17/2001
- Re: MSDP Storm, Bill Nickless, 01/17/2001
- Re: MSDP Storm, Marshall Eubanks, 01/17/2001
- Re: MSDP Storm, Bill Nickless, 01/17/2001
- Re: MSDP Storm, John Meylor, 01/18/2001
- Finding the worm, Bill Owens, 01/18/2001
- Re: MSDP Storm, Marshall Eubanks, 01/17/2001
- RE: MSDP Storm, Michael Luby, 01/18/2001
- Re: MSDP Storm, Marshall Eubanks, 01/18/2001
- Re: MSDP Storm, Bill Owens, 01/18/2001
- Re: MSDP Storm, Dave Hartzell, 01/18/2001
- Re: MSDP Storm, Marshall Eubanks, 01/18/2001
- Re: MSDP Storm, Matthew Davy, 01/18/2001
- Re: MSDP Storm, Magnus Danielson, 01/18/2001
- Re: MSDP Storm, Marshall Eubanks, 01/18/2001
- RE: MSDP Storm, Mike Luby, 01/18/2001
- Re: MSDP Storm, Marshall Eubanks, 01/18/2001
- RE: MSDP Storm, Mike Luby, 01/18/2001
Archive powered by MHonArc 2.6.16.