Re: Is there any T/TCP patch for kernel 2.2.*

From: Andi Kleen (ak@suse.de)
Date: Fri Sep 22 2000 - 13:22:18 EST


On Fri, Sep 22, 2000 at 02:11:27PM -0400, Albert D. Cahalan wrote:
> >> Is there any T/TCP patch for kernel 2.2.16? thanks.
> >
> > Maybe, but you don't want it. T/TCP is inherently insecure.
>
> Within a cluster though, T/TCP could be useful. What about
> enabling it on trusted interfaces?

T/TCP makes a mess out of the TCP SYN_RECV processing. It is already far too
complex and has too many subtle cases.

In clusters TCP is overkill anyways, you probably do better with lightweight
UDP protocols running directly out of user space and without checksums.

-Andi
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Sat Sep 23 2000 - 21:00:27 EST