On Fri, 26 Oct 2001, Paul A Vixie wrote:
no. i do not agree to receive a smurf attack, no matter whether my contract with a nexthop fails to require them to prevent it from reaching me.
This is true, you do not explicitly agree to receive the smurf. You do, however, agree to pay for it, because more generally it is "traffic" and not "smurf traffic". This lack of distinction enables a) the sender to send the smurf b) you to receive it, which you have agreed to pay for. So, until your next-hop agreement DOES enforce service requirements, expect to get smurfs, spam, and all manner of other undesirables. (We are, of course, ignoring the fact that this is an "attack" not a "request" or a "probe", or some other form of well-intentioned traffic.)
no, there's no known financial benefit to smurfing me, but the entities who direct such attacks have positive motivation of some kind for doing so -- and i assure you that this benefit to them, whatever it is, is far greater than the benefit to me (which would have to be expressed in negative terms.)
i think it's reasonable for a smurfer to know that my infrastructure cannot tolerate multiplicitous input streams from tens of thousands of sources. just as a spammer can indeed know, without doubt, that if millions of senders, all at once, decided to send me unsolicited nonpersonal e-mail, that my inbox would not hold up well.
no specific knowledge is required in those cases. in those cases and in other cases where specific knowledge of my infrastructure is not necessary to determine that the traffic would be "not welcome", then it ought not be sent.
I can more or less agree with you here. Again, the distinction of traffic types and service levels at the edge among providers would prevent this. Another solution could involve removing some of the human element in internetworking - a topic sure to delight and astound NANOG readers.
in some places, they are illegal. in all places, they are "unwelcome." since a sender of this (or any) traffic may not know the laws in force at the place where the recipient host resides, the broader standard of "unwelcome" is more widely applicable than the narrow standard of "illegal."
This is where we arrive at "Acceptable Use", which is why it is required. But these policies need to be propagated and enforced at smaller points of intervention. Why should not the authoritative owner of 64.0.0.0/24 be allowed to tell 63.0.0.0/24 that it will only accept traffic type A (current scalability issues removed)? Further, without a standard for agreeable parameters such a system would represent chaos. This is where we arrive at Standards and Technology again.
of course, illegal things ought also not be done. but that'd be a new thread.
Regards, James