From owner-freebsd-security Sun Jul 8 23:37:49 2001 Delivered-To: freebsd-security@freebsd.org Received: from mail.kyx.net (s216-232-31-82.bc.hsia.telus.net [216.232.31.82]) by hub.freebsd.org (Postfix) with ESMTP id 9432A37B405 for ; Sun, 8 Jul 2001 23:37:45 -0700 (PDT) (envelope-from dr@kyx.net) Received: from smp.kyx.net (unknown [10.22.22.45]) by mail.kyx.net (Postfix) with SMTP id D527E1DC03; Sun, 8 Jul 2001 23:44:42 -0700 (PDT) From: Dragos Ruiu Organization: kyx.net To: Mike Silbersack Subject: Re: FW: Small TCP packets == very large overhead == DoS? Date: Sun, 8 Jul 2001 22:50:14 -0700 X-Mailer: KYX-CP/M [version core00-mail-92] Content-Type: text/plain Cc: , Darren Reed , Yonatan Bokovza , "'freebsd-security@freebsd.org'" References: <20010708213736.C26132-100000@achilles.silby.com> In-Reply-To: <20010708213736.C26132-100000@achilles.silby.com> MIME-Version: 1.0 Message-Id: <0107082333531I.08020@smp.kyx.net> Content-Transfer-Encoding: 8bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sun, 08 Jul 2001, Mike Silbersack wrote: > There's nothing wrong with questioning the correctness of RFCs. They > were, after all, written by ordinary mortals like everyone in this > discussion. Certainly agreed. But I think the right way to do this is via changing the RFC in the IETF so that all the implementations are consistent rather than building yet another non-standard implementation of the standard. (Insert Tannenbaum standards quote "Nice thing about standards, there are so many to choose from." :-) > Maybe 256 is too high, perhaps 128 would be more reasonable. 64 seems way > too small in any case. I'm of a differing opinion. Using standard 20 byte headers instead of the more fanciful maximal IP option headers this gives 44 bytes of payload. I recall one standards group that argued for months about packetsize issues where for some applications the representatives argued that 64 bytes was too large a packetsize (this particular debate was over 32 or 64 byte cells, and oddly enough they agreed on 48 for no particular reason other than to stop arguing :-). > Your arguement about latency isn't relevant here. If you were writing a > latency-sensitive app, you wouldn't be running tcp. Also, as I understand > it, we're setting a minimum on the maximum, not a minimum on the minimum. Why wouldn't I want to use an error corrected channel on a latency sensitive app? I have written an applicaiton that needs this. It is exactly "optimizations" like these that drive streaming implementers to need to reinvent the wheel and develop their own error correction protocols on top of UDP. IMHO It's actually a minimum... If I understand MSS application (which I feel I do) it's what the packet sizes the OS will fragment the data into to convey it efficiently across the channel, which works out into pretty much being the minimum packet size the OS will segment streams into. Please correct me if I have made an error, as I too am merely human. But that's just my two cents, you gentlemen are free to implement what you choose, and I'm free to move my encrypted streaming app to whatever OSes I choose or force my users to patch kernels to use it accordingly. It's just less messy for me if this isn't changed. It may in practice not even be a big deal, but again, I question the logic of changing the implementations to forestall a hypothetical attack of marginal effect on another OS. cheers, --dr To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message