| To: | rick.jones2@xxxxxx |
|---|---|
| Subject: | Re: [RFC/PATCH] "strict" ipv4 reassembly |
| From: | "David S. Miller" <davem@xxxxxxxxxxxxx> |
| Date: | Tue, 17 May 2005 15:12:39 -0700 (PDT) |
| Cc: | netdev@xxxxxxxxxxx, netdev-bounce@xxxxxxxxxxx |
| In-reply-to: | <428A613F.1020303@xxxxxx> |
| References: | <20050517202730.GA79960@xxxxxx> <20050517.140245.71090021.davem@xxxxxxxxxxxxx> <428A613F.1020303@xxxxxx> |
| Sender: | netdev-bounce@xxxxxxxxxxx |
From: Rick Jones <rick.jones2@xxxxxx> Date: Tue, 17 May 2005 14:25:19 -0700 > just how much extra overhead would there be to track the interarrival time of > ip > datagram fragments and would that allow someone to make a guess as to how > long > to reasonably wait for all the fragments to arrive? (or did I miss that being > shot-down already?) I spam you with fragments tightly interspaced matching a known shost/dhost/ID tuple, lowering your interarrival estimate. The legitimate fragment source can thus never get his fragments in before the timer expires. Every other one of these IP fragmentation ideas tends to have some DoS hole in it. |
| Previous by Date: | Re: [RFC/PATCH] "strict" ipv4 reassembly, Herbert Xu |
|---|---|
| Next by Date: | Re: [RFC/PATCH] "strict" ipv4 reassembly, David S. Miller |
| Previous by Thread: | Re: [RFC/PATCH] "strict" ipv4 reassembly, Rick Jones |
| Next by Thread: | Re: [RFC/PATCH] "strict" ipv4 reassembly, Rick Jones |
| Indexes: | [Date] [Thread] [Top] [All Lists] |