[Cerowrt-devel] Bufferbloat at upcoming LUG talk

Michael Richardson mcr at sandelman.ca
Mon Nov 26 10:28:00 EST 2012 

>>>>> "Dave" == Dave Taht <dave.taht at gmail.com> writes:
    >> (In general, leaking names is really not that much of a worry...)

    Dave> Names, no. Amplification attacks are a serious problem with DNS.

    Dave> The internet is rife with worms and daemons that are leveraging open
    Dave> dns servers to amplification attacks. In a few short weeks that macej
    Dave> had left the port open,

so, there is a difference between leaking names, and providing recursive
service to everyone...

    Dave> I've tried very hard to respond to CVEs over the course of this
    Dave> project (bind alone, had 5), but I'm away from the lab, in the middle
    Dave> of a trip, in between a major upgrade of functionality to cerowrt and
    Dave> trying to get funding to re-invigorate this project.

Understood.

    Dave> I haven't had much time to hack. None to test.

    Dave> I would to get to where we had infrastructure to easily create, test,
    Dave> and push out security related fixes.

I wonder if part of the issue is that flashing hardware is a pain in the
butt to do automagically.  Were I able to spend paid time on this, I'd
want to do a cerowrt build for x86, or some other trivially virtualized
processor.

    >> Use the fountain images that Van Jacobson used at IETF84.

    Dave> In my own preso at the lincs, I used my coffee cup...

    Dave> There is an interesting preso that shemminger is using that uses soda
    Dave> bottles to do something similar to both concepts. Jamming holes into
    Dave> it randomly to simulate red....

    Dave> I may adopt this - however in explaining fq_codel, I think I need to
    Dave> add multiple cups, and an eye-dropper for the ant packets.

sure... in explaining fq_codel, I can see that you need more than the
fountain.
I think that most people need bufferbloat clearly articulated before
they will see that there is a problem that needs fixing, and most
non-network people are still there. 

-- 
]       He who is tired of Weird Al is tired of life!           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr at sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
   Kyoto Plus: watch the video <http://www.youtube.com/watch?v=kzx1ycLXQSE>
	               then sign the petition.

More information about the Cerowrt-devel mailing list