I should have writen: a sysctl, with the default to off, for better
T/TCP interoperability for people in intranets where they don't care
too much about DOS attacks.
Another point: we could limit the maximal data sized queued with the SYN -
as long as sizeof(struct open_request) + maxpacketsize <= sizeof(struct sock)
the situation is not worse than with stock 2.0 without syncookies ;)
Ok, I see the point.
T/TCP is often nice for small transactions where only a few bytes need
to be reliably transfered. This check would allow that nicely.
I'm hitting the wire from userland in 35usec right now, how much
faster do you want the stuff to go? Believe me, T/TCP will be slower
for a lot of common cases compared to our current streamlined "normal"
TCP ;-)))
Later,
David S. Miller
davem@dm.cobaltmicro.com
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu