[freenet-dev] Packet size proposal
Matthew Toseland
toad at amphibian.dyndns.org
Mon Mar 10 17:09:33 UTC 2008
On Monday 10 March 2008 14:20, NextGen$ wrote:
> * Matthew Toseland <toad at amphibian.dyndns.org> [2008-03-10 13:57:28]:
>
> > On Saturday 08 March 2008 14:30, Michael Rogers wrote:
> > > Evan Daniel wrote:
> > > > At least for the near term future, and probably longer, we need an
> > > > answer other than TCP because of ugliness like Comcast's Sandvine
> > > > hardware. Forged TCP reset packets are non-trivial to deal with, but
> > > > the equivalent problem doesn't even exist for UDP.
> > >
> > > True, UDP is more robust than TCP against this particular attack, but
> > > that just means the next logical step in the P2P vs ISP arms race is for
> > > all the P2P apps to move to UDP, and then the ISPs will just start
> > > throttling UDP instead of forging RSTs. Ultimately if your ISP doesn't
> > > want to carry your traffic, they won't carry it.
> >
> > Sure. But it will cost them. RSTs are trivial. The Golden Shield uses RSTs
for
> > example, rather than remembering which streams it wants to kill. Because
> > statefully killing streams would cost many times more.
>
> Send any "hard" ICMP error and you're done killing it ;)
Hmmm?
>
> > Throttling UDP
> > likewise would cause other problems: it would slow down skype
dramatically,
> > alienating a lot of users, so they'd need to put more hardware in to
detect
> > skype...
>
> Skype can work over TCP if UDP is blocked.
What if it's not blocked but slow?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080310/0005958e/attachment.pgp
More information about the Devl
mailing list