Tip

RSVP configuration

If you're using RSVP as part of your VoIP solution to help you manage your bandwidth, there are two problems you may or may not run into. The first is devices sending you RSVP messages when you don't want them, and the second is

    Requires Free Membership to View

devices not sending you RSVP messages when you do want them.

The first problem will likely be rare, but it does represent an attack vector for a DoS attack. For example, intentionally or otherwise, someone could configure devices to send RSVP requests and reserve all your bandwidth, causing new VoIP calls to be rejected. To prevent this, in IOS-based routers, use the "ip rsvp neighbors" command. This lets you specify an access-control list used to determine which messages the router will ignore or process.

The second problem could be hosts of some sort that do not support RSVP. If you want to reserve bandwidth for their traffic anyway, you can spoof RSVP PATH and RSVP RESV messages. Do this from the router with the commands "ip rsvp sender" and "ip rsvp reservation". There is quite a bit of information in the PATH and RESV messages, so these commands are rather long. You will need to know source and destination IP addresses, protocol, and ports, and the previous hop IP address and interface. And of course, you will have to decide how much bandwidth and burst you wish to reserve.


Thomas Alexander Lancaster IV is a consultant and author with over 10 years experience in the networking industry, focused on Internet infrastructure.


This was first published in January 2004

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.