| To: | davem@xxxxxxxxxxxxx (David S. Miller) |
|---|---|
| Subject: | Re: [RFC/PATCH] "strict" ipv4 reassembly |
| From: | Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> |
| Date: | Wed, 18 May 2005 08:11:01 +1000 |
| Cc: | akepner@xxxxxxx, netdev@xxxxxxxxxxx |
| In-reply-to: | <20050517.104947.112621738.davem@xxxxxxxxxxxxx> |
| Organization: | Core |
| Sender: | netdev-bounce@xxxxxxxxxxx |
| User-agent: | tin/1.7.4-20040225 ("Benbecula") (UNIX) (Linux/2.4.27-hx-1-686-smp (i686)) |
David S. Miller <davem@xxxxxxxxxxxxx> wrote: > > Decreasing ipfrag_time is also not an option, because then Here is a possible solution to this: Instead of measuring the distance using time, let's measure it in terms of packet counts. So every time we receive a fragmented packet, we find all waiting fragments with the same src/dst pair. If the id is identical we perform reassembly, if it isn't we increase a counter in that fragment. If the counter exceeds a threshold, we drop the fragment. Cheers, -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt |
| Previous by Date: | Re: [RFC/PATCH] "strict" ipv4 reassembly, Arthur Kepner |
|---|---|
| Next by Date: | Re: [RFC/PATCH] "strict" ipv4 reassembly, David S. Miller |
| Previous by Thread: | Re: [RFC/PATCH] "strict" ipv4 reassembly, Andi Kleen |
| Next by Thread: | Re: [RFC/PATCH] "strict" ipv4 reassembly, David S. Miller |
| Indexes: | [Date] [Thread] [Top] [All Lists] |