On Wed, 15 Oct 1997, Dave Zarzycki wrote:
> I had an idea and I'm looking for comments and criticism.
> ---------
>
> I'm getting really frustrated with some people who are abusing the cache
> registration service (tracker.nlanr.net). It tells you to ask the cache
> administrator for permission and access, but alas, some bozos try to use
> my cache (and probably others) without asking.
Agreed 110%!
> If we could implement a special feature that would add ICP clients to the
> netdb, then we could selective not respond to ICP requests if the client
> is to too far away. We might even send a UDP_TOOFAR response back to say
> why we're denying the remote clients and that the remote cache should
> stop querying the local cache for a given amount of time (UDP_TOOFAR is
> made up and is in no way official). If the remote client continues to
> query, then they will be ignored.
>
> # distant_peer_deny (icmp rtt) (hops)
> # If the ICP client is farther than "x" milliseconds
> # away, or "x" hops, then deny.
> distant_peer_deny 200 10
Sounds like and excellent idea. Perhaps the already existing ICMP pinging
stuff could provide a base for this.
I suggest a modification, though, to allow for instantaneous network
glitches. How about:
# distant_peer_deny (icmp rtt) (hops)
# If the ICP client is farther than "z" hops away,
# or if more than y% of pings to the client exceed
# x milliseconds, then deny.
distant_peer_deny 200 75 10
defaults of 250 milliseconds, 75%, and 10 hops are probably pretty good
defaults. Maybe 15 hops for those connected my Sprintlink or MCI :-)
-Bill
Received on Thu Oct 16 1997 - 16:14:19 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:37:17 MST