If you're using RSVP as part of your VoIP solution to help you manage your bandwidth, there are two problems you may or may not run into. The first is devices sending you RSVP messages when you don't want them, and the second is devices not sending you RSVP messages when you do want them.
The first problem will likely be rare, but it does represent an attack vector for a DoS attack. For example, intentionally or otherwise, someone could configure devices to send RSVP requests and reserve all your bandwidth, causing new VoIP calls to be rejected. To prevent this, in IOS-based routers, use the "ip rsvp neighbors" command. This lets you specify an access-control list used to determine which messages the router will ignore or process.
The second problem could be hosts of some sort that do not support RSVP. If you want to reserve bandwidth for their traffic anyway, you can spoof RSVP PATH and RSVP RESV messages. Do this from the router with the commands "ip rsvp sender" and "ip rsvp reservation". There is quite a bit of information in the PATH and RESV messages, so these commands are rather long. You will need to know source and destination IP addresses, protocol, and ports, and the previous hop IP address and interface. And of course, you will have to decide how much bandwidth and burst you wish to reserve.
Thomas Alexander Lancaster IV is a consultant and author with
Requires Free Membership to View
SearchUnifiedCommunications.com members gain immediate and unlimited access breaking industry news, expert advice on UC, technical guides, and more -- all at no cost. Join me on SearchUnifiedCommunications.com today!
Kate Gerwig, Editorial Director
over 10 years experience in the networking industry, focused on Internet infrastructure.
This was first published in January 2004