From owner-freebsd-hackers Wed Sep 25 00:16:55 1996 Return-Path: owner-hackers Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id AAA26695 for hackers-outgoing; Wed, 25 Sep 1996 00:16:55 -0700 (PDT) Received: from genesis.atrad.adelaide.edu.au (genesis.atrad.adelaide.edu.au [129.127.96.120]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id AAA26551 for ; Wed, 25 Sep 1996 00:16:44 -0700 (PDT) Received: from msmith@localhost by genesis.atrad.adelaide.edu.au (8.6.12/8.6.9) id QAA08059; Wed, 25 Sep 1996 16:46:24 +0930 From: Michael Smith Message-Id: <199609250716.QAA08059@genesis.atrad.adelaide.edu.au> Subject: Re: Random drop solves SYN flooding problems To: michael@memra.com (Michael Dillon) Date: Wed, 25 Sep 1996 16:46:23 +0930 (CST) Cc: freebsd-hackers@freebsd.org, server-linux@netspace.org In-Reply-To: from "Michael Dillon" at Sep 24, 96 11:24:36 pm MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Michael Dillon stands accused of saying: > first attempt. For example, at 1200 bogus SYNs/sec and the IRIX 6.3 > telnet listen queue of 383, there should be no trouble with peers > with RTT up to about 300 milliseconds. I've tested with a telnet > client 250 milliseconds away while simultaneously bombing the machine > from nearby with ~1200 SYNs/sec, and see no telnet TCP retransmissions. Yeah, great if you and all your clients are in the continental USA and have unloaded high-speed links to you. 250ms is about the rtt of a 14k link using 'average' modems. Stuff the rest of the world of course. 8( -- ]] Mike Smith, Software Engineer msmith@atrad.adelaide.edu.au [[ ]] Genesis Software genesis@atrad.adelaide.edu.au [[ ]] High-speed data acquisition and (GSM mobile) 0411-222-496 [[ ]] realtime instrument control (ph/fax) +61-8-267-3039 [[ ]] Collector of old Unix hardware. "Where are your PEZ?" The Tick [[