3 votes

I want to implement a self-propagating system for distributing a small piece of data (IP address) across multiple client computers using a UDP broadcast & UDP response. To do this I'm using C# (UDPListener and Socket, see this example).

It'll work something like this:

  1. Client 1 broadcasts "What is the IP address?"

  2. All other clients respond to client 1 (not a broadcast) with their version of the IP address: e.g. 192.168.1.10

  3. Client 1 tests each IP address received and uses the most appropriate one

My question is whether this short burst of responses would cause a significant bottleneck / DDoS-like effect on large networks? For instance, if 1,000 client machines all responded to client 1 simultaneously?

EDIT: I'm not trying to create a DoS attack, I'm trying to avoid a denial of service scenario.
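As an added illustration (not code from the question or from the UDPListener example it links to), here is a constructed model of the exchange described in steps 1-3: the randomized reply delay on the responder side, the bounded collection window and the candidate cap on the querier side are assumed design choices, included to show how the size of the reply burst can be bounded. It uses no real sockets, so it runs offline.

```python
import random
from collections import Counter
from ipaddress import ip_address

# Constructed model of the discovery exchange: one querier broadcasts, every
# other host answers with a unicast reply. The burst concern is every reply
# landing in the same instant, so the responder spreads its reply over a
# random delay window (assumed design, the same idea mDNS and DHCP use) and
# the querier bounds what it collects.

def reply_delays_ms(n_hosts, jitter_ms, rng):
    """Delay before each host sends its reply; jitter_ms=0 is the naive design."""
    return [rng.uniform(0, jitter_ms) for _ in range(n_hosts)]

def peak_replies_per_bucket(delays_ms, bucket_ms=10):
    """Largest number of replies arriving at the querier in any bucket_ms slice."""
    buckets = Counter(int(d // bucket_ms) for d in delays_ms)
    return max(buckets.values())

class ReplyCollector:
    """Querier side: accept replies only inside the window, dedupe, cap the count."""
    def __init__(self, window_ms, max_candidates):
        self.window_ms = window_ms
        self.max_candidates = max_candidates
        self.candidates = []   # unique IPs still worth testing, in arrival order
        self.dropped = 0

    def accept(self, arrival_ms, payload):
        if arrival_ms > self.window_ms or len(self.candidates) >= self.max_candidates:
            self.dropped += 1
            return False
        try:
            ip = str(ip_address(payload.strip()))  # reject anything that is not an IP literal
        except ValueError:
            self.dropped += 1
            return False
        if ip in self.candidates:
            return False   # duplicate: no new work, but not an error
        self.candidates.append(ip)
        return True

def simulate(n_hosts, jitter_ms, window_ms, max_candidates, seed=1):
    """Return (peak replies per 10 ms, candidates kept, replies dropped)."""
    rng = random.Random(seed)
    delays = reply_delays_ms(n_hosts, jitter_ms, rng)
    collector = ReplyCollector(window_ms, max_candidates)
    for i, d in enumerate(delays):
        # every host reports a distinct constructed address in 10.0.0.0/16
        collector.accept(d, f"10.0.{i // 250}.{i % 250 + 1}")
    return peak_replies_per_bucket(delays), len(collector.candidates), collector.dropped
```

Compare `simulate(1000, 0, 2000, 20)` with `simulate(1000, 1000, 2000, 20)`: without jitter all 1,000 replies hit the querier in the same 10 ms slice, with it the peak per slice drops to a few dozen, and in both cases the querier only keeps the first 20 well-formed candidates.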

1
Unless the network is designed by someone mentally challenged, you will NOT have 10.000 clients in one broadcast domain. There are those, but they have problems anyway (network wise). Normally a C class network (i.e. the /24, 254 usable addresses) is quite a good size for a broadcast domain. - TomTom
@TomTom Yeah, unfortunately you'd be surprised how many 'mentally challenged' people are put in charge of managing huge networks. - Xenon
I agree, but then they already have performance problems. SERIOUS problems. - TomTom
@TomTom What about with a broadcast domain of 1022 (/22)? Would that cause any network performance issues? - Xenon
Not for that, but it theoretically could - if you have any software. I rather normally limit my stuff to /24 and route between them ;) 1022 should not be too bad. I have once seen a complete university on ONE IP network complaining about their crappy performance. - TomTom

1 Answer

1 vote

Look at ARP: what you are trying to accomplish is already supported by NIC cards out of the box. For a DoS attack to succeed, packets should translate up the network stack, where they consume user/kernel-process space, CPU and/or other resources; when such packets are received at a faster rate than the system can handle, it leads to Denial of Service.