[Top] [All Lists]

Re: [RFC/PATCH] "strict" ipv4 reassembly

To: rick.jones2@xxxxxx
Subject: Re: [RFC/PATCH] "strict" ipv4 reassembly
From: "David S. Miller" <davem@xxxxxxxxxxxxx>
Date: Tue, 17 May 2005 15:12:39 -0700 (PDT)
Cc: netdev@xxxxxxxxxxx, netdev-bounce@xxxxxxxxxxx
In-reply-to: <428A613F.1020303@xxxxxx>
References: <20050517202730.GA79960@xxxxxx> <20050517.140245.71090021.davem@xxxxxxxxxxxxx> <428A613F.1020303@xxxxxx>
Sender: netdev-bounce@xxxxxxxxxxx
From: Rick Jones <rick.jones2@xxxxxx>
Date: Tue, 17 May 2005 14:25:19 -0700

> just how much extra overhead would there be to track the interarrival time of 
> ip 
> datagram fragments and would that allow someone to make a guess as to how 
> long 
> to reasonably wait for all the fragments to arrive? (or did I miss that being 
> shot-down already?)

I spam you with fragments tightly interspaced matching a known
shost/dhost/ID tuple, lowering your interarrival estimate.  The
legitimate fragment source can thus never get his fragments in
before the timer expires.

Every other one of these IP fragmentation ideas tends to have
some DoS hole in it.

<Prev in Thread] Current Thread [Next in Thread>