David Conrad wrote:
much less anywhere near "close to a Denial of Service (DoS) attack".
If you look at hostnames such as hp.com which have 13 IPv4 listed in
the DNS, it would probably have a significant effect on their
infrastructure if suddenly every client would attempt 13 parallel
TCP-connects and kill 12 of them pre-natal or during infancy.
I'd be surprised, as them even noticing would tend to indicate
they'd be trivially susceptible to D(D)oS attacks.
EVERY server is trivially susceptible to DoS attacks.
That is no such thing as a server that is not.
However, I thought we were talking about doing parallel
lookups/connects to an IPv6 address at the same time an IPv4
lookup/connect was done. Don't see any particular point in
opening parallel lookups to multiple IPv4 (or IPv6) addresses.
What you described is a client with a pretty selfish attitude
that doesn't care about network, servers and the other clients
put into code.
Now if some app writer actually implements that, he will quickly
find out that it results in "snappier" connects even for hosts
with no IPv6 but multiple IPv4-Addresses. And given the selfish
attitude, that client is likely going to use it.
In the IPv4 & IPv6 case, the two address are often going to point
to the same server, and if every client would use this strategy,
the server's requirements for socket handles and listen queue
length might double (based on the short-lived nature of the
HTTP-like traffic today).
If a server operator has set up simple load-balancing by
round-robin reordering of multiple IPv4 Addresses for a hostname
in order to cut down on the load and number of requests that
hits a single server, then a client that parallelizes IPv4 connects
is going to hit all the servers all the time...
I'm sorry, but personally, I think this approach is a bad idea.
It's similar to what I see on the road every day, when the
traffic is heavy and some folks are constantly changing lanes
trying to get forward faster than the crowd. These guys don't
care about actually slowing down the rest, endangering the
people around them and causing accidents regularly.
The concept works only as long as very few individuals try to
get an unfair advantage over the rest. But it definitely is
doomed if EVERYONE, or even a larger number of people would
practice this.
-Martin
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf