Welcome! Log In Create A New Profile

Advanced

[PATCH 0 of 5] QUIC flood detection

Roman Arutyunyan
October 07, 2021 07:38AM
This series adds support for flood detection in QUIC and HTTP/3 smilar to
HTTP/2.

- patch 1 removes client-side encoder support from HTTP/3 for simplicity
- patch 2 fixes a minor issue with $request_length calculation
- patch 3 adds HTTP/3 traffic-based flood detection
- patch 4 adds QUIC traffic-based flood detection
- patch 5 adds a limit on frames number similar to HTTP/2

As for the patch 3, both input and output traffic is analyzed similar to HTTP/2.
Probably only input should be analyzed because current HTTP/3 implementation
does not seem to allow amplification (the only exception is Stream Cancellation,
but keepalive_requests limits the damage anyway). Also, we can never be sure
the output traffic we counted actually reached the client and was not rejected
by stream reset. We can discuss this later.
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
Subject Author Views Posted

[PATCH 0 of 5] QUIC flood detection

Roman Arutyunyan 150 October 07, 2021 07:38AM

[PATCH 1 of 5] HTTP/3: removed client-side encoder support

Roman Arutyunyan 16 October 07, 2021 07:38AM

Re: [PATCH 1 of 5] HTTP/3: removed client-side encoder support

Vladimir Homutov 11 October 12, 2021 08:46AM

[PATCH 2 of 5] HTTP/3: fixed request length calculation

Roman Arutyunyan 19 October 07, 2021 07:38AM

Re: [PATCH 2 of 5] HTTP/3: fixed request length calculation

Vladimir Homutov 21 October 12, 2021 08:48AM

[PATCH 3 of 5] HTTP/3: traffic-based flood detection

Roman Arutyunyan 21 October 07, 2021 07:38AM

Re: [PATCH 3 of 5] HTTP/3: traffic-based flood detection

Vladimir Homutov 15 October 13, 2021 05:08AM

Re: [PATCH 3 of 5] HTTP/3: traffic-based flood detection

Roman Arutyunyan 15 October 13, 2021 07:38AM

[PATCH 4 of 5] QUIC: traffic-based flood detection

Roman Arutyunyan 22 October 07, 2021 07:38AM

Re: [PATCH 4 of 5] QUIC: traffic-based flood detection

Vladimir Homutov 23 October 12, 2021 08:40AM

Re: [PATCH 4 of 5] QUIC: traffic-based flood detection

Roman Arutyunyan 14 October 13, 2021 07:42AM

[PATCH 5 of 5] QUIC: limited the total number of frames

Roman Arutyunyan 13 October 07, 2021 07:38AM

Re: [PATCH 5 of 5] QUIC: limited the total number of frames

Vladimir Homutov 15 October 12, 2021 08:44AM

Re: [PATCH 5 of 5] QUIC: limited the total number of frames

Roman Arutyunyan 15 October 13, 2021 07:54AM

Re: [PATCH 0 of 5] QUIC flood detection

Roman Arutyunyan 29 October 07, 2021 07:46AM



Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 73
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready