For those who are interested in the ITRACE BoF, there is a mailing list
ietf-itrace(_at_)research(_dot_)att(_dot_)com(_dot_) Subscribe by sending the
message body
subscribe
to majordomo(_at_)research(_dot_)att(_dot_)com
---
ICMP Traceback BOF (itrace)
Thursday, March 30 at 1530-1730
===============================
CHAIR: Steve Bellovin <smb(_at_)research(_dot_)att(_dot_)com>
DESCRIPTION:
The purpose of the BoF is to look at a mechanism to help address the
problem of tracing back denial of service attacks. The suggested
mechanism is that with low probability (order 1/20,000), a router
seeing a packet would send to the destination an ICMP message giving
as much information as it knows about the immediate previous hop of
that packet. With enough of these messages -- and if one is being
flooded, by definition there will be a lot of traffic, so that the
low probabilities will still result in a reasonably complete set of
traceback packets.
Such a mechanism has other uses as well. It lets people trace down
the source of accidentally-emitted bogus packets, i.e., those with
RFC1918 addresses. It helps characterize the reverse path, which
traceroute does not do.
The output will be a standards-track RFC describing the packet format,
and the conditions under which it should be sent. Issues include
authentication, router load, and host load.
AGENDA:
Introduction, motivation 15 min
Marcus Leech's prototype 20 min
Open issues list 30 min
Charter 20 min
--Steve Bellovin