Date: Wed, 21 Apr 2004 16:14:46 -0400 From: Mike Tancsa <mike@sentex.net> To: Borja Marcos <borjamar@sarenet.es>, freebsd-security@freebsd.org Subject: Re: Other possible protection against RST/SYN attacks (was Re: TCP RST attack Message-ID: <6.0.3.0.0.20040421161217.05453308@209.112.4.2> In-Reply-To: <48FCF8AA-93CF-11D8-9C50-000393C94468@sarenet.es> References: <6.0.3.0.0.20040420125557.06b10d48@209.112.4.2> <xzp65buh5fa.fsf@dwp.des.no> <6.0.3.0.0.20040420144001.0723ab80@209.112.4.2> <200404201332.40827.dr@kyx.net> <20040421111003.GB19640@lum.celabo.org> <6.0.3.0.0.20040421121715.04547510@209.112.4.2> <20040421165454.GB20049@lum.celabo.org> <6.0.3.0.0.20040421132605.0901bb40@209.112.4.2> <48FCF8AA-93CF-11D8-9C50-000393C94468@sarenet.es>
next in thread | previous in thread | raw e-mail | index | archive | help
At 04:05 PM 21/04/2004, Borja Marcos wrote:
>>Are there any "bad things" that can happen by doing this ?
>
> Well, not every BGP sessions are established between directly
> connected interfaces. This would not work with "multi-hop BGP" sessions :-)
Thanks, I realize that, especially with iBGP. However for directly
connected eBGP peers, the question still stands.
What side effects if any are there? Why is the default 64 and not
some other number like 255... I am sure the answer is out there, I just
need to find the question so I can cram it into google ;-)
Perhaps this is a better topic for freebsd-net ?
---Mike
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6.0.3.0.0.20040421161217.05453308>