Re: Question for IPv6 w.g. on [Re: IPv6 Type 0 Routing Headerissu es]

Le 30 avr. 07 à 14:28, Pars Mutaf a écrit :

>>>  - how many hops you can make w/ a packet sized 1280?
>
> Maybe I'm missing something, but the attacker wouldn't
> rather send millions of *very small* packets (to keep the
> routers busy) instead sending elephants??

This morning, just to test it on a Mac Mini, i pushed a little more  
than 1MB/s of such RH0 packets (those you call "elephants") between a  
Linux box (forwarding activated, pre 2.6.20.9) and the Mac (both  
gigabit, directly connected). This is slide 35/57 of the  
presentation. The Bandwidth monitor output on the Linux is below  
(same on the Mac) :

Bandwidth Monitor 1.1.0

        Iface        RX(KB/sec)   TX(KB/sec)   Total(KB/sec)

         eth0        45512.315    46102.463       91614.778
           lo            0.985        0.985           1.970

[...]

I can ensure you that when you are limited by your upload bandwidth,  
and only with few KB/s, you simply saturate a 100Mbit/s Ethernet link.

When you send millions of packets at X KB/s, the routers still have  
to cope with that amount of bandwidth (X KB/s). "Elephants" simply  
amplify your bandwidth between the 2 routers (44*X KB/s upload and  
44*X KB/s download, as if there were almost 90 people like you on the  
link).

Cheers,

a+

ps : 44 is the number of pairs of @ (rtr1, rtr2) in the RH0.

-- Arnaud Ebalard
EADS Innovation Works - IT Sec Research Engineer
PGP KeyID:047A5026 FingerPrint:47EB85FEB99AAB85FD0946F30255957C047A5026

--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------