Re: Syn floods and DOS protection

To:	lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject:	Re: Syn floods and DOS protection
From:	Roberto Nibali <ratz@xxxxxx>
Date:	Tue, 10 Sep 2002 11:55:24 +0200

Hi Peter,

This sounds very interesting.  Does the QOS synrate limiter differentiate
between "real" and "fake" traffic at all?  Do you have any Julian tips on

It's _impossible_ to differentiate between malicious and good traffic. End ofstory. But you can rate limit incoming SYNs with in ingress policy. Julian gaveyou a pointer. This was also discussed about 2 years ago on this list when thesecure_tcp and drop_packet stuff was about to be introduced :)


Best regards,
Roberto Nibali, ratz
--
echo '[q]sa[ln0=aln256%Pln256/snlbx]sb3135071790101768542287578439snlbxq' | dc

<Prev in Thread]	Current Thread	[Next in Thread>
Syn floods and DOS protection, Alex Kramarov Re: Syn floods and DOS protection, Julian Anastasov RE: Syn floods and DOS protection, Peter Mueller Re: Syn floods and DOS protection, Alex Kramarov RE: Syn floods and DOS protection, Peter Mueller RE: Syn floods and DOS protection, Julian Anastasov Re: Syn floods and DOS protection, Roberto Nibali <=

Previous by Date:	Re: Performance testing, Roberto Nibali
Next by Date:	Re: Persistance again, Roberto Nibali
Previous by Thread:	RE: Syn floods and DOS protection, Julian Anastasov
Next by Thread:	LVS-DR + DNS, Stefan Peter
Indexes:	[Date] [Thread] [Top] [All Lists]