Subject: Re: kernel ip_randomid() and libc randomid(3) still "broken"
To: Jun-ichiro itojun Hagino <itojun@itojun.org>
From: Jonathan Stone <jonathan@DSG.Stanford.EDU>
List: tech-net
Date: 11/26/2003 13:05:31
In message <20031126202131.9CB928B@coconut.itojun.org>
Jun-ichiro itojun Hagino writes:


[...]

>> The only way to reduce or eliminate this risk is to ensure the maximum 
>> delay before reusing ip_id's.
>
>	i can't really parse what you are trying to mean.  

He's giving you a terse explanation of why quickly-repeating ip_ids
are a really bad idea. The current randomized ip_ids are just one
special case.

>	ip_randomid() there's guaranteed recycle period, which is about 12000.
>	yes, the likelihood of the problem like you stated will increase
>	by factor of (64K/12K), but with that cost we can buy hard-to-guess
>	fragment ID.

You seem to take it as an article of faith that somewhat harder to
predict ip_ids is worth *all* the downsides it carries with it.  I
haven't noticed anyone else here who shares that opinion.

Instead, I see several different people articulating the same
fundamental issue, all saying that the alleged security from
randomized IP IDs just isn't worth it -- in some cases, saying that
even if the random-id algorithm cost no more than the prior linear
incrementing IDs, it *still* isn't worth it.

Shouldn't that be telling you something?
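An added example, not part of this thread and not NetBSD's ip_randomid() code, that measures the property the two sides are arguing over: the smallest number of packets after which a generator can hand out the same IP ID again. `linear_ids` is the classic incrementing counter; `windowed_random_ids` is a constructed stand-in for a randomized generator with a guaranteed recycle period (it only models that property, not the real algorithm). The 12000 figure comes from the quoted message and 65536 from the 16-bit identification field; the packet rates in the usage call are made-up inputs.

```python
"""Measure how quickly an IP ID generator can hand out the same value again.

Constructed model for illustration.  `windowed_random_ids` is NOT NetBSD's
ip_randomid(); it only mimics the property under discussion: random-looking
IDs with a guaranteed minimum recycle period.
"""
import collections
import random
from typing import Dict, Iterable, Iterator, Optional

ID_SPACE = 1 << 16          # size of the 16-bit IP identification field


def linear_ids(count: int) -> Iterator[int]:
    """Classic incrementing ID: a value cannot recur before 65536 packets."""
    for i in range(count):
        yield i % ID_SPACE


def windowed_random_ids(count: int, window: int, seed: int = 0) -> Iterator[int]:
    """Random IDs that avoid any value handed out in the last `window` packets.

    Constructed model: the guaranteed recycle period is window + 1 packets,
    everything beyond that is left to chance.
    """
    rng = random.Random(seed)
    recent: collections.deque = collections.deque()   # IDs still inside the window
    in_use: set = set()                               # same IDs, for O(1) lookup
    for _ in range(count):
        while True:
            candidate = rng.randrange(ID_SPACE)
            if candidate not in in_use:
                break
        if len(recent) == window:                     # oldest ID leaves the window
            in_use.discard(recent.popleft())
        recent.append(candidate)
        in_use.add(candidate)
        yield candidate


def min_reuse_distance(ids: Iterable[int]) -> Optional[int]:
    """Smallest number of packets between two uses of the same ID (None if none recur)."""
    last_seen: Dict[int, int] = {}
    best: Optional[int] = None
    for index, value in enumerate(ids):
        if value in last_seen:
            gap = index - last_seen[value]
            if best is None or gap < best:
                best = gap
        last_seen[value] = index
    return best


def reuse_window_seconds(min_distance: int, packets_per_second: float) -> float:
    """Wall-clock time before an ID can be handed to an unrelated datagram.

    If this is shorter than the receiver's reassembly timeout, a late fragment of
    an earlier datagram can be stitched into a later datagram carrying the same ID.
    """
    return min_distance / packets_per_second


def compare(count: int = 200_000, window: int = 12_000) -> dict:
    """Run both generators for `count` packets and report their minimum reuse distance."""
    linear = min_reuse_distance(linear_ids(count))
    randomized = min_reuse_distance(windowed_random_ids(count, window))
    return {
        "linear_min_distance": linear,
        "random_min_distance": randomized,
        "risk_factor": linear / randomized,   # how many times sooner an ID can recur
    }


if __name__ == "__main__":
    result = compare()
    print(result)
    # Constructed packet rates: how long a sender at each rate keeps an ID unique.
    for rate in (1_000, 10_000, 100_000):
        print(f"{rate} pps: {reuse_window_seconds(result['random_min_distance'], rate):.3f} s")
```

The `risk_factor` line is the quoted "factor of (64K/12K)": the linear counter reaches a minimum reuse distance of exactly 65536, the windowed model bottoms out just past 12000, so the same ID comes back roughly five times sooner. Dividing that distance by the sending rate gives the time a receiver's reassembly queue has to drain before misassociation becomes possible, which is the "maximum delay before reusing ip_id's" the quoted reply asks for.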