Reflection on Wirezhttps://wirez.top/tags/reflection/Recent content in Reflection on WirezHugoenFri, 01 May 2026 00:00:00 +0000Asymmetric routing breaks filters; ReAct fixes ithttps://wirez.top/posts/asymmetric-routing-breaks-filters-react-fixes-it/Fri, 01 May 2026 00:00:00 +0000https://wirez.top/posts/asymmetric-routing-breaks-filters-react-fixes-it/<meta charset="utf-8"> <!-- wp:html --> <script type="application/ld+json"> { "@context": "https://schema.org", "@type": "FAQPage", "mainEntity": [ { "@type": "Question", "name": "What happens to legitimate traffic when asymmetric routing breaks symmetric filters?", "acceptedAnswer": { "@type": "Answer", "text": "Symmetric filters drop valid packets because counters fail to match divergent paths. This causes immediate service disruption and revenue loss for platforms unable to tolerate downtime during normal routing fluctuations." } }, { "@type": "Question", "name": "Can ReAct run on standard switches or only specific programmable hardware?", "acceptedAnswer": { "@type": "Answer", "text": "ReAct requires programmable data planes found in Intel Tofino switches and Nvidia Bluefield-3 SmartNICs. These devices allow custom programs to track transaction IDs across disjointed network segments effectively." } }, { "@type": "Question", "name": "Does ReAct introduce false positives that block legitimate user sessions?", "acceptedAnswer": { "@type": "Answer", "text": "ReAct eliminates false positives by accurately matching requests and responses regardless of path divergence. This ensures zero percent of legitimate traffic is dropped during asymmetric routing events." } }, { "@type": "Question", "name": "How does ReAct handle the massive amplification factors seen in NTP attacks?", "acceptedAnswer": { "@type": "Answer", "text": "ReAct validates individual transaction IDs to stop amplified floods without needing symmetric paths. It prevents NTP reflection attacks from generating response streams roughly 500 times larger than queries." } }, { "@type": "Question", "name": "What memory overhead does ReAct add when sizing bloom filter bitarrays?", "acceptedAnswer": { "@type": "Answer", "text": "Operators must size bloom filter bitarrays against an 11% memory overhead ceiling. Exceeding this limit prevents hash collisions while maintaining high-speed lookup performance on programmable switches." } } ] } </script> <!-- /wp:html --> <!-- wp:html --> <style> .faq-section { margin: 24px 0; padding: 24px 0; border-top: 2px solid #e5e7eb; } .faq-section-title { color: #1a1a1a; font-size: clamp(1.2rem, 3vw, 1.4rem); font-weight: 700; margin-bottom: 24px; text-align: center; } .faq-item { background: #fff; border: 1px solid #e5e7eb; border-radius: 8px; margin-bottom: 12px; overflow: hidden; transition: all 0.3s ease; } .faq-item:hover { border-color: #2563eb; box-shadow: 0 4px 6px rgba(0,0,0,0.05); transform: translateY(-2px); } .faq-question { background: #f9fafb; padding: 12px 16px; cursor: pointer; position: relative; transition: all 0.3s ease; border: none; width: 100%; text-align: left; font-family: inherit; display: block; } .faq-question:hover { background: #e8f0fe; } .faq-question-text { color: #1a1a1a; font-size: 1rem; font-weight: 600; line-height: 1.5; margin: 0; padding-right: 2rem; display: inline-block; } .faq-answer { max-height: 0; overflow: hidden; transition: max-height 0.4s ease, padding 0.4s ease; padding: 0 16px; } .faq-item.active .faq-answer { max-height: 1000px; padding: 0 16px 16px; } .faq-answer-text { color: #4b5563; font-size: 1rem; line-height: 1.7; margin: 12px 0 0; } </style> <script> (function() { function initFAQ() { var qs = document.querySelectorAll(".faq-question"); for (var i = 0; i < qs.length; i++) { qs[i].addEventListener("click", function() { var item = this.closest(".faq-item"); var wasActive = item.classList.contains("active"); var allItems = document.querySelectorAll(".faq-item"); for (var j = 0; j < allItems.length; j++) { allItems[j].classList.remove("active"); } if (!wasActive) item.classList.add("active"); this.setAttribute("aria-expanded", String(!wasActive)); }); } } if (document.readyState === "loading") { document.addEventListener("DOMContentLoaded", initFAQ); } else { initFAQ(); } })(); </script> <!-- /wp:html --> <!-- wp:paragraph {"className":"std-text"} --> <!-- /wp:paragraph --> <!-- wp:paragraph {"className":"std-text"} --> <p class="std-text">Amplified reflection attacks now exploit diverse protocols like Microsoft RDP and Chameleon, moving beyond traditional <a href="https://en.wikipedia.org/wiki/Domain_Name_System" target="_blank" rel="noopener noreferrer">DNS</a> vectors.</p>