From: T Scott Saponas (ssaponas@cs.washington.edu)
Date: Wed Dec 01 2004 - 07:28:05 PST
Review by T. Scott Saponas
"Controlling High Bandwidth Aggregates in the Networks" proposes a scheme to deal with edge congestion due to DoS attacks and flash crowds: aggregate-based congestion control (ACC). ACC is implemented with to related mechanisms local aggregate-based congestion control (Local ACC) and pushback. Local ACC involves realizing there is congestion at the edge of the network, identifying what aggregates exist, figuring out which of those aggregates should be rate limited, and rate limiting them the right amount. Pushback is a mechanism that can work on top of Local ACC where routers tell upstream routers about the aggregates they want rate limited so that upstream routers can help rate limit. Pushback is attractive because it essentially consists of telling upstream routers "You might as well drop this traffic, because I'm going to when it gets down to me anyway."
The main contribution of this paper is proposing ACC through Local ACC and push back as well as describing a way to implement it and simulating it. The implementation is described well and validated by the simulation. However, it is not clear how generalizable the simulation results are. The authors state they make no claim that the traffic mixes or topologies are realistic that they are just illustrating the basic functionality of the system. But the system is designed to be used in rare and exceptional cases so to know if their implementation works it seems their system needs to be simulated using data about what those rare and exceptional circumstances are like (DoS and flash crowds) using real traffic mixes and topologies.
It would be nice to talk about how hard it would be to add and enable pushback in the current Internet. The authors briefly discuss how pushback might be incrementally deployed. However, I would like to see discussed how to AS's would realistically cooperate to have pushback work between them and how pushback would affect their current policy based routing and current traffic agreements between AS's.
To some extent it seems like ISPs would like to implement pushback because it gives them a way to cut traffic that would be dropped anyway. However, once again because the network is edge limited right now there may not be sufficient incentive for service providers to implement this and complicate the network because from their point of view it is working, i.e. their routers aren't overloaded. Perhaps when the internet is limited in the middle this will make more sense - but even then the edge node might not ever get overloaded by flash traffic or DoS because the middle drops the packets and the end host (server) has no way to detect an aggregate and signal for pushback.
This archive was generated by hypermail 2.1.6 : Wed Dec 01 2004 - 07:28:11 PST