[Ecn-sane] robustness against attack?

Sebastian Moeller moeller0 at gmx.de
Sun Mar 24 18:50:14 EDT 2019


Here is a comment on the tsvwg mailing list for the [tsvwg] Questions and comments on draft-ietf-tsvwg-ecn-l4s-id-06 by G. Fairhurst:

"Section 8. I think there should be some discussion on what happens if an attacker introduces ECT(1) rogue packets can it influence the method, other than an attack which seeks to induce congestion? "

From my layman's perspective this is the killer argument against the dualQ approach and for fair-queueing, IMHO only fq will be able to (stochastically) isolate rogue flows.... (okay if the attacker randomizes port numbers he/she will also do considerable harm to an fq AQM, but at least it will take more than one flow). I might be overly optimistic about fq and unfairly negative about dualQ/LLLLS, but the idea of fully trusting the end-points to play fair (as far as I can tell dualQ will only tail-drop once its queue passes a configured threshold) seems overly optimistic to me. This reminds one of the difference between cooperative and preemptive multitasking, while the former has the potential for higher performance, all general-purpose OSes went for the latter... Anyway, since I am far away from this field I would not be amazed if I would just re-hash old arguments here, but still a thought is a thought, and uttering even a silly thought can result in me learning something ;)

Best Regards
	Sebastian
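
The isolation argument in the message above, as an added toy model that is not part of the original post or of any AQM implementation: it compares the rate a well-behaved flow keeps behind one shared queue with the rate it keeps behind hash-bucketed fair queueing, first against a single rogue flow and then against the same rogue traffic spread over many port tuples. Assumptions (all constructed): fixed-rate senders, a uniform flow hash, 1024 buckets, a 100 Mbit/s link, a 10 Mbit/s victim and 1000 Mbit/s of rogue traffic.

```python
import random

def max_min_share(demands, capacity):
    """Max-min fair split of capacity; the ideal that round-robin service
    between queues approximates."""
    alloc = dict.fromkeys(demands, 0.0)
    active, remaining = set(demands), capacity
    while active and remaining > 1e-12:
        fair = remaining / len(active)
        satisfied = {q for q in active if demands[q] <= fair}
        if not satisfied:              # every remaining queue is backlogged
            for q in active:
                alloc[q] = fair
            break
        for q in satisfied:            # small queues get all they ask for
            alloc[q] = demands[q]
            remaining -= demands[q]
        active -= satisfied
    return alloc

def shared_queue_rate(victim, rogue, capacity):
    """One queue, fixed-rate senders: output share follows arrival share."""
    offered = victim + rogue
    return victim if offered <= capacity else capacity * victim / offered

def fq_rate(victim, rogue, rogue_flows, buckets, capacity, rng):
    """Flows hashed uniformly into buckets; buckets share the link max-min;
    flows that collide in a bucket share it like a single queue."""
    vb = rng.randrange(buckets)        # bucket the victim flow lands in
    demand, colliding = {vb: victim}, 0.0
    for _ in range(rogue_flows):
        b = rng.randrange(buckets)
        demand[b] = demand.get(b, 0.0) + rogue / rogue_flows
        if b == vb:
            colliding += rogue / rogue_flows
    return shared_queue_rate(victim, colliding, max_min_share(demand, capacity)[vb])

def mean_fq_rate(rogue_flows, trials=200, seed=1, victim=10.0, rogue=1000.0,
                 buckets=1024, capacity=100.0):
    """Average victim rate (Mbit/s) over random hash placements."""
    rng = random.Random(seed)
    return sum(fq_rate(victim, rogue, rogue_flows, buckets, capacity, rng)
               for _ in range(trials)) / trials

if __name__ == "__main__":
    print("shared queue      :", round(shared_queue_rate(10.0, 1000.0, 100.0), 2))
    print("fq, 1 rogue flow  :", round(mean_fq_rate(1), 2))
    print("fq, 5000 tuples   :", round(mean_fq_rate(5000), 2))
```

In this model a single rogue flow costs the victim almost nothing under fq unless the two hash into the same bucket, while rogue traffic spread over thousands of tuples occupies nearly every bucket and leaves the victim roughly one bucket's share of the link.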


