Subject: Re: interrupt rate from a NIC
To: Martin Husemann <>
From: Kevin Lahey <>
List: tech-net
Date: 03/07/2003 12:28:39
On Fri, 7 Mar 2003 09:35:06 +0100
Martin Husemann <> wrote:

> Could someone please remind me why the syn-cookie aproach was considered bad?

I've always thought it was a bad idea because you can't properly preserve
all of the TCP options that arrive with the SYN, including stuff like
MSS, SACK ok, timestamps, etc.  Now, I think that you *could* actually
squeeze the important stuff into the sequence number, but then it wouldn't
be very random, because you wouldn't have many extra bits to play with.

I was a little surprised to see that FreeBSD now uses SYN cookies.
A brief perusal of the code suggests that they assume that the MSS will
compress into just a couple of bits, which could present some interesting
problems, especially with things like MSS clamping (another possibly 
questionable hack, but, hey, there it is).  I didn't read on to see what
they were doing about window scaling.

As far as the SACK okay and the rest of it, well, unexpectedly providing
timestamps or SACK options really *shouldn't* confuse a modern TCP
implementation.  OTOH, it *is* strictly speaking a violation of the
appropriate standards.

Did I read the FreeBSD code right, or am I just confused?