Date: Thu, 14 Dec 2006 11:29:44 -0800 From: Julian Elischer <julian@elischer.org> To: Andre Oppermann <andre@freebsd.org> Cc: FreeBSD Net <freebsd-net@freebsd.org> Subject: Re: question for TCP gurus (in ipfw) Message-ID: <4581A628.1070909@elischer.org> In-Reply-To: <45812E01.9060200@freebsd.org> References: <458094E7.1060806@elischer.org> <45812E01.9060200@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Andre Oppermann wrote: >> or >> 2/ instead of ACKing all the data in the packet we are resetting, >> how about just ACKing the sequence number it starts with >> and saving ourselves from doing the work of ACKing all the data >> up to the current packet end. (which is the packet we are rejecting >> anyhow) (It takes some calculation to work out the new ack value >> which seems pointless as we are rejecting it..) > > Section 3 of this document describes the situation and requirements > quite accurately: > > http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-06.txt So it sounds like, if the sequence number is in the window but not exact, the receiver sends an ACK which should force the sender to generate another RST that exactly matches. (is that correct?)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4581A628.1070909>