On Thursday, September 11, 2003, at 06:13 PM, Jun-ichiro itojun Hagino 
wrote:

>>  * There are environments where the computational cost does not 
>> justify
>>   deploying this fix.
>
> 	have you measured it?  i mean, not on the userland but macro benchmark
> 	like scp/ftp/whatever.  i there *any* noticeable difference?
>
> 	(if you use vax/pdp, yeah, maybe...)

I use VAX systems.  I have 40MHz MIPS cpus with FDDI.
The overhead is real.

I have always believed the ip_id "attack" is just hype.  The only useful
info they get is how fast you are sending packets, maybe.  They can 
still
synthesize junk IP packets using your address without knowing ip_id.
-- 
Matt Thomas                     email: matt@3am-software.com
3am Software Foundry              www: 
http://3am-software.com/bio/matt/ Cupertino, CA              
disclaimer: I avow all knowledge of this message.