|
|
Re: [RFC PATCH 0/2] Faster/parallel SYN handling to mitigate SYN floods |
On Wed, 2012-05-30 at 10:53 +0200, Christoph Paasch wrote: > On 05/30/2012 10:44 AM, Jesper Dangaard Brouer wrote: > >> > > >> > Then the receiver will receive two SYN/ACK's for the same SYN with > >> > different sequence-numbers. As the "SYN cookie SYN-ACK" will arrive > >> > second, it will be discarded and seq-numbers from the first one will be > >> > taken on the client-side. > > I thought that the retransmitted SYN packet, were caused by the SYN-ACK > > didn't reach the client? > > Or, if the SYN/ACK got somehow delayed in the network and the > SYN-retransmission timer on the client-side fires before the SYN/ACK > reaches the client. That seems like a very unlikely situation, which we perhaps should neglect as we are under SYN attack. I will test the attack vector, if we instead of dropping the reqsk, fall back into the slow locked path. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
[Linux Kernel Discussion] [Ethernet Bridging] [Linux Wireless Networking] [Linux Bluetooth Networking] [Linux Networking Users] [VLAN] [Git] [IETF Annouce] [Linux Assembly] [Security] [Bugtraq] [Photo] [Singles Social Networking] [Yosemite Information] [MIPS Linux] [ARM Linux Kernel] [ARM Linux] [Linux Virtualization] [Linux Security] [Linux IDE] [Linux RAID] [Linux SCSI] [Free Dating]
|
|