[4242] in linux-net channel archive
Re: SYN floods
daemon@ATHENA.MIT.EDU (Theodore Y. Ts'o)
Fri Aug 30 20:15:24 1996
Date: Fri, 30 Aug 1996 13:49:42 -0400
From: "Theodore Y. Ts'o" <tytso@mit.edu>
To: "Eric Schenk" <schenk@cs.toronto.edu>
Cc: linux-vger@wab-tis.rabobank.nl, linux-net@vger.rutgers.edu
In-Reply-To: Eric Schenk's message of Thu, 29 Aug 1996 14:47:47 -0400,
<96Aug29.144753edt.15383@dvp.cs.toronto.edu>
Date: Thu, 29 Aug 1996 14:47:47 -0400
From: "Eric Schenk" <schenk@cs.toronto.edu>
I've been checking through the RFC's and it appears that we can use a
seperate set of timeouts for the initial establishment of the connection,
as opposed to timeouts for estalbished connections. Currently we only use
a seperate timeout for connections initiated by the local box. Even then,
this timeout is perhaps a bit long, somewhere around the 13 minute mark
in 2.0.x. BSD uses a 75 second timeout for this, but this is perhaps
a bit short, especially for on-demand links over a busy phone line.
Why not make this a run-time configurable option, via the sysctl
interface? If you have a direct connection to the internet, then you'll
want a different timeout than if you're doing on-demand links. In fact,
probably the right thing to do is to set up the defaults for a direct
connection to the internet, and have the daemon which does the on-demand
dialing to set the timeout if the link is down, and change the tiemout
to something else once the link is up.....
- Ted
