[Top] [All Lists]

Re: [RFC/PATCH] "strict" ipv4 reassembly

To: Andi Kleen <ak@xxxxxx>
Subject: Re: [RFC/PATCH] "strict" ipv4 reassembly
From: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Date: Wed, 18 May 2005 10:09:55 +1000
Cc: dlstevens@xxxxxxxxxx, rick.jones2@xxxxxx, netdev@xxxxxxxxxxx
In-reply-to: <m11x85762p.fsf@xxxxxx>
References: <E1DYBED-0006wa-00@xxxxxxxxxxxxxxxxxxxxxxxx> <Pine.LNX.4.61.0505171612440.3335@xxxxxxxxxx> <20050517232556.GA26846@xxxxxxxxxxxxxxxxxxx> <m11x85762p.fsf@xxxxxx>
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: Mutt/1.5.6+20040907i
On Wed, May 18, 2005 at 02:04:14AM +0200, Andi Kleen wrote:
> Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> writes:
> >
> > Perhaps you misunderstood what I was saying.  I meant are there any
> > extant systems that would transmit 1 set of fragments to host A with
> > id x, then 65535 packets host B, and then wrap around and send a new
> > set of fragments to host A with idx.
> >
> > Linux will never do this thanks to inetpeer.c.
> It will, you just need enough other hosts to thrash inetpeer. How many
> you need depends on your available memory.

Even when the cache entry is deleted, Linux will allocate an ID randomly
so the chance of what was stated above occuring is very small.

Visit Openswan at
Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page:
PGP Key:

<Prev in Thread] Current Thread [Next in Thread>