[e2e] TCP-SYN and delayed TCB allocation
Alok Dube
alok.dube at apara.com
Wed May 28 07:06:03 PDT 2003
Hi Joe,
> > B) has it been modified that it is now done after the 1st ACK?
> >
> > if not, any reason why not B? we would so the same if we had a
> > "NAT/Firewall" with delayed binding etc
>
> If B), where do you put the data that could have been sent in the SYN?
> I'm not sure you can ACK the SYN without ACKing the data therein (though
> you don't deliver it until receiving the ACK and transitioning to
> ESTABLISHED)...
yes,
also in case the SYN has no data, the above cant be done as one needs to
store the SIP+SPORT+ACK number somewhere so that when the next ACK comes in,
the server knows what transaction is for...
maybe more appropriate question is "when is the send and recv buffer
allocated"
but how much is allocated? is it simply sizeof(SIP+DIP+SPORT+DPORT+SEQ) ? or
some more? I mean how much memory would a SYN allocate?
whats confusing me is that the defination of TCB says it also contains
pointers to the send and recv buffers
so if the window size is provided in the SYN, it means that a malloc() for
the window sized send buffer is also already done?
its the exact sequence of a DDoS syn attack that im trying to figure out..?
if i send a syn flood with a higher window size on
More information about the end2end-interest
mailing list