Welcome! Log In Create A New Profile

[PATCH 0 of 5] QUIC flood detection

Forum List Message List New Topic Print View

Roman Arutyunyan

October 07, 2021 07:38AM

This series adds support for flood detection in QUIC and HTTP/3 smilar to
HTTP/2.

- patch 1 removes client-side encoder support from HTTP/3 for simplicity
- patch 2 fixes a minor issue with $request_length calculation
- patch 3 adds HTTP/3 traffic-based flood detection
- patch 4 adds QUIC traffic-based flood detection
- patch 5 adds a limit on frames number similar to HTTP/2

As for the patch 3, both input and output traffic is analyzed similar to HTTP/2.
Probably only input should be analyzed because current HTTP/3 implementation
does not seem to allow amplification (the only exception is Stream Cancellation,
but keepalive_requests limits the damage anyway). Also, we can never be sure
the output traffic we counted actually reached the client and was not rejected
by stream reset. We can discuss this later.
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

Reply Quote

RSS

Subject	Author	Views	Posted
[PATCH 0 of 5] QUIC flood detection	Roman Arutyunyan	357	October 07, 2021 07:38AM
[PATCH 1 of 5] HTTP/3: removed client-side encoder support	Roman Arutyunyan	105	October 07, 2021 07:38AM
Re: [PATCH 1 of 5] HTTP/3: removed client-side encoder support	Vladimir Homutov	84	October 12, 2021 08:46AM
[PATCH 2 of 5] HTTP/3: fixed request length calculation	Roman Arutyunyan	126	October 07, 2021 07:38AM
Re: [PATCH 2 of 5] HTTP/3: fixed request length calculation	Vladimir Homutov	110	October 12, 2021 08:48AM
[PATCH 3 of 5] HTTP/3: traffic-based flood detection	Roman Arutyunyan	135	October 07, 2021 07:38AM
Re: [PATCH 3 of 5] HTTP/3: traffic-based flood detection	Vladimir Homutov	109	October 13, 2021 05:08AM
Re: [PATCH 3 of 5] HTTP/3: traffic-based flood detection	Roman Arutyunyan	106	October 13, 2021 07:38AM
[PATCH 4 of 5] QUIC: traffic-based flood detection	Roman Arutyunyan	181	October 07, 2021 07:38AM
Re: [PATCH 4 of 5] QUIC: traffic-based flood detection	Vladimir Homutov	212	October 12, 2021 08:40AM
Re: [PATCH 4 of 5] QUIC: traffic-based flood detection	Roman Arutyunyan	98	October 13, 2021 07:42AM
[PATCH 5 of 5] QUIC: limited the total number of frames	Roman Arutyunyan	100	October 07, 2021 07:38AM
Re: [PATCH 5 of 5] QUIC: limited the total number of frames	Vladimir Homutov	92	October 12, 2021 08:44AM
Re: [PATCH 5 of 5] QUIC: limited the total number of frames	Roman Arutyunyan	145	October 13, 2021 07:54AM
Re: [PATCH 0 of 5] QUIC flood detection	Roman Arutyunyan	224	October 07, 2021 07:46AM

Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 114

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018