Warning you cannot configure your router with this post.... Michael Dillon wrote:
On Sat, 22 Aug 1998, William Allen Simpson wrote:
Are you telling me that I should not fill my pipe with duplicate Acks, as that would be "fraud"?
No. I'm saying that if you generate spurious traffic with the *INTENT* of creating a revenue stream to you then you are probably committing fraud. If the duplicate acks are created by a program that serves no other useful purpose then it would be just as fraudluent as if you were to set up a 900 number, don a bicycle messenger's outfit, and visit downtown offices asking to use the phone for a momemnt and then calling your 900 number.
First, if TCP-INTERECPT code were modified to scale... The next router would intercept and "rate limit" the ACKS to only succesfully completed connections, as is true with SYN's, as well. SYN PATH, and ACK PATH would be part of the RSVP END-TO-END CDR records... And a SYN would not be the billable unit, completed SYN-PATHS would be. ACKS would not be either, only completed ACK-PATHS. Flow shifts would generate "Convergence" CDR records.. to handle that connectionless attitude.. :) Also, RSVP today implies a genuine "commitment rate"... Perhaps *commodity* TCP flows could create 0K CIR RSVP's, and just track actual utilization.. BTW: Fraudulent ACK's would be lacking valid SYN's, as well as DSO/seconds... No one to bill..... And a quick trip to "Disney Land"..... But, *PHEW*, *would* we be *forced* to control BOGON IP's.....:} IOPS tightly secured model *everywhere*! --
Michael Dillon - Internet & ISP Consulting Memra Communications Inc. - E-mail: michael@memra.com Check the website for my Internet World articles - http://www.memra.com