Re: udp packet storms

[avalon () coombs anu edu au (Darren Reed)]

> You miss the point. It is unrelated to responding to broadcast pings
> -- thats perfectly fine behavior. The problem is one of sending to the
> broadcast address by accident, because that allows you to reply to a
> packet who's source address is the broadcast address without realizing
> that you might do so.
>
> .pm

Well, with some help I've managed to conduct some experiments on udp
broadcast packets and the echo port...I was testing on an ethernet with
two Suns, an LX (Solaris2) and a SS2 (SunOS 4)...it went something like this:

10.1.2.0,echo -> 10.1.2.0,echo  (forged packet)
10.1.2.1,echo -> 10.1.2.0,echo
10.1.2.2,echo -> 10.1.2.0,echo
10.1.2.2,echo -> 10.1.2.1,echo
10.1.2.1,echo -> 10.1.2.2,echo
10.1.2.2,echo -> 10.1.2.1,echo
10.1.2.1,echo -> 10.1.2.2,echo
...

and it is still going on :-)  With just these two hosts, continually going
at each other, ping from one to the other still averages 1ms...using spray
(maybe this ain't such a good measure):

10.1.2.1 /> spray -c 1000 -l 1480 10.1.2.2
sending 1000 packets of lnth 1482 to 10.1.2.2 ...
        in 10.7 seconds elapsed time,
        585 packets (58.50%) dropped
Sent:   93 packets/sec, 135.0K bytes/sec
Rcvd:   38 packets/sec, 56.0K bytes/sec

Darren