[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: TCP SYN Cookies for NetBSD
On Tue, 06 Nov 2012, Robert Elz wrote:
Date: Mon, 5 Nov 2012 22:26:59 -0500 (EST)
From: Mouse <mouse%Rodents-Montreal.ORG@localhost>
| Except that it's not; it's no different from a server that crashes
| immediately after sending _every_ SYN|ACK packet
No, only the ones where the returning ACK is lost by the network.
That is, it is the same as a server that crashes sometimes. That's
If you have N% packet loss (for reasonable values of N), and
if the losses are evenly distributed per packet, then SYN
cookies amplify the problem from "N% of packets get lost but
retransmission causes most TCP connections to work anyway" to "N%
of TCP connections get into this stuck state".
I just tried "ping -c100 -i1 www.netbsd.org" twice, and got
3% ping loss once and 5% loss once. Since a successful ping
requires two packets, the packet loss rate is somewhere around
1.5% to 2.5%. Such a packet loss rate is annoying, but if it were
amplified to a 1.5% to 2.5% TCP connection failure rate then it
would be much more annoying.
--apb (Alan Barrett)
Main Index |
Thread Index |