From owner-freebsd-security  Mon Jul  9 17:50:19 2001
Delivered-To: freebsd-security@freebsd.org
Received: from earth.backplane.com (earth-nat-cw.backplane.com [208.161.114.67])
	by hub.freebsd.org (Postfix) with ESMTP id ED9CF37B408
	for <freebsd-security@FreeBSD.org>; Mon,  9 Jul 2001 17:50:15 -0700 (PDT)
	(envelope-from dillon@earth.backplane.com)
Received: (from dillon@localhost)
	by earth.backplane.com (8.11.3/8.11.2) id f6A0ncE05960;
	Mon, 9 Jul 2001 17:49:38 -0700 (PDT)
	(envelope-from dillon)
Date: Mon, 9 Jul 2001 17:49:38 -0700 (PDT)
From: Matt Dillon <dillon@earth.backplane.com>
Message-Id: <200107100049.f6A0ncE05960@earth.backplane.com>
To: Darren Reed <avalon@coombs.anu.edu.au>
Cc: cclark@globalstar.com (Crist J. Clark),
	avalon@coombs.anu.edu.au (Darren Reed), dr@kyx.net (Dragos Ruiu),
	silby@silby.com (Mike Silbersack), cjclark@alum.mit.edu,
	Yonatan@xpert.com (Yonatan Bokovza),
	freebsd-security@FreeBSD.org ('freebsd-security@freebsd.org')
Subject: Re: FW: Small TCP packets == very large overhead == DoS?
References:  <200107100039.KAA06761@caligula.anu.edu.au>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

:...
:> Which uses the term "length." However, the definition of MSS only
:> talks about "size," and there is no indication I find that "size" and
:> "length" are the same thing.
:> 
:> So either all of the TCP implementations I can find are wrong and seem
:> to believe MSS is the maximum data length within a segment as opposed
:> to the actual segment size, or I am wrong. 
:
:The devil is in the details.  The paragraph about "segment length" explains
:it pretty well - it's the amount of sequence number space (i.e. data length).
:
:The data payload of the IP packet (above) is 1480 bytes long, the TCP
:segment size (again data payload) is 1460.  The segment length (or size)
:is the sequence number space which is the same as data payload length.
:
:I think you're saying that "TCP segment" to be something it isn't.
:
:Darren

    The sequence space includes SYN and FIN.  Just think of them as
    phantom data bytes and everything becomes much more clear.

						-Matt


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message