home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
ftp.ee.lbl.gov
/
2014.05.ftp.ee.lbl.gov.tar
/
ftp.ee.lbl.gov
/
email
/
sf.97dec01.txt
< prev
next >
Wrap
Text File
|
1997-12-03
|
3KB
|
53 lines
ECN and defenses against evil applications:
Date: Mon, 01 Dec 1997 16:10:21 PST
From: Sally Floyd <floyd>
...
>Also you have no defense against an evil application that
>sets ECN-capable on but doesn't slow down when ECN is applied.
>So in the domain below the "high" threshold an evil application's
>best bet is to set ECN-capable and send as much as it can.
>The worst case is that this forces the network into drop
>mode, i.e. no worse than today for the evil application.
>
>So as far as I can see ECN can be defeated by evil applications
>in a way that RED can't. Which means that you certainly have
>to write a security considerations section about denial of
>service and theft of service by misuse of ECN-capable.
I think that the issue of evil applications is quite serious.
I have a draft of a paper-in-progress, "Router Mechanisms to Support
End-to-End Congestion Control", available from my web page
at http://www-nrg.ee.lbl.gov/floyd/, that is all about the
need for routers to deploy mechanisms to detect and control the
bandwidth of such evil applications. One form of an evil application
would be an application that did not reduce its sending rate in the
presence of a 5% packet drop rate, but instead increased its sending
rate slightly, sending additional FEC, to compensate for the increased
drop rate. Another form of an evil application would be a TCP
application using non-conformant TCP, where the connection did not use
FEC, but also did not decrease its congestion window in response to a
packet drop, but just kept sending, using information in the TCP SACK
option to identify dropped packets and retransmit them. A roughly
equivalent form of an evil application, in terms of its negative impact
on the network, would be an application that set the ECN-Capable bit,
but did not slow down in response to ECN bits.
That is, I don't think that a 5% packet drop rate, in and of itself, is
a real deterrent to any application that wants to ignore congestion
control. I don't think that there are **any** deterrents in the
current Internet to keep connections from ignoring congestion control
(other than the fact that they will know that they are being socially
unresponsible). Somehow, it is still the case that roughly 95\% of the
traffic seems to be using some form of vaguely-conformant TCP,
the steady-state packet drop rate is not spiralling up to 10 or 20
percent, and congestion collapse has not yet hit. I think that we
shouldn't press our luck, and I think that deterrents are indeed
necessary, but I don't think that the addition of ECN makes the job of
providing such deterrents any more difficult, or any more pressing.
I think that the need for such deterrents is already pretty pressing...
- Sally