[4456] in linux-net channel archive
Re: SYN floods
daemon@ATHENA.MIT.EDU (Matthias Urlichs)
Tue Sep 17 14:17:02 1996
From: Matthias Urlichs <smurf@smurf.noris.de>
To: linux-net@vger.rutgers.edu
Date: Tue, 17 Sep 1996 19:29:56 +0100
In linux.dev.net, article <Pine.LNX.3.91.960826235606.2057E-100000@cirr=
us.bluesky.net>,
Racer X <shagboy@wspice.com> writes:
>=20
> Let's forget about the first problem. There are too many routers, TC=
P=20
> stacks, etc., that would have to be modified to allow one to discover=
the=20
> actual source of the SYN packet. That's not going to happen anytime=20
> before IPv6 comes around, which will hopefully solve these problems=20
> anyway.
>=20
IPv6 does nothing of the sort.
Mandating that a given IP packet arrives on the interface you think it
should arrive on might be a good idea in theory, but asymmetric routing=
is
a fact of life and checking the routing table twice is additional work =
for
the router.
But that's independent of which particular version of IP you're using.
--=20
In 1954, Henry Bascomb replaced the bulbs atop the tower
of the Empire State Building, and said it was the high light
of his career.
-- "On This Day in History"
--=20
Matthias Urlichs \ noris network GmbH / Xlink-POP N=FCrnberg=
=20
Schleiermacherstra=DFe 12 \ Linux+Internet / EMail: urlichs@nor=
is.de
90491 N=FCrnberg (Germany) \ Consulting+Programming+Networking+etc=
'ing
PGP: 1024/4F578875 1B 89 E2 1C 43 EA 80 44 15 D2 29 CF C6 C7 E0 D=
E
Click <A HREF=3D"http://info.noris.de/~smurf/finger">here</A>. =
42
