[158643] in North American Network Operators' Group
Re: TCP time_wait and port exhaustion for servers
Wed Dec 5 18:09:29 2012
From: David Conrad <drc@virtualized.org>
In-Reply-To: <8C48B86A895913448548E6D15DA7553B6F9FC4@xmb-rcd-x09.cisco.com>
Date: Wed, 5 Dec 2012 15:08:33 -0800
To: Fred Baker (fred) <fred@cisco.com>
Cc: NANOG <nanog@nanog.org>
On Dec 5, 2012, at 2:06 PM, Fred Baker (fred) <fred@cisco.com> wrote:
> If you want to get into software rewriting, the simplest thing I might
> come up with would be to put TCBs in some form of LRU list and, at a
> point where you need a port back, close the TCB that least recently did
> anything. My understanding is that this was implemented 15 years ago to
> manage SYN attacks, and could be built on to manage this form of
> "attack".
I can say for certain that it was implemented (at least) twice that long
ago (circa 1983) in a TCP implementation for a particular memory
constrained environment ("640K should be good enough for anybody") :).
Regards,
-drc
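As an added illustration, not code from either poster, here is a constructed Python model of a server's ephemeral-port pool under a steady stream of short-lived connections. It contrasts the plain behaviour (new connections fail once every port is parked in TIME_WAIT) with the LRU approach Fred describes (reclaim the TCB that least recently did anything). Port count, connection rate and the TIME_WAIT timer are illustrative assumptions, not any real stack's values.

```python
from collections import OrderedDict

# Constructed model: a bounded ephemeral-port range whose closed connections
# sit in TIME_WAIT until a timer (2MSL in a real stack) releases the port.
class PortPool:
    def __init__(self, first_port, last_port, time_wait_secs, lru_reclaim):
        self.free = list(range(first_port, last_port + 1))
        self.time_wait = OrderedDict()  # port -> time it entered TIME_WAIT, oldest first
        self.time_wait_secs = time_wait_secs
        self.lru_reclaim = lru_reclaim
        self.reclaimed = 0
        self.failed = 0

    def expire(self, now):
        # Normal path: release ports whose TIME_WAIT timer has run out.
        while self.time_wait:
            port, entered = next(iter(self.time_wait.items()))
            if now - entered < self.time_wait_secs:
                break
            self.time_wait.popitem(last=False)
            self.free.append(port)

    def open_connection(self, now):
        self.expire(now)
        if self.free:
            return self.free.pop()
        if not self.lru_reclaim or not self.time_wait:
            self.failed += 1  # port exhaustion: the connect attempt fails
            return None
        # LRU reclaim: close the TCB that least recently did anything.
        port, _ = self.time_wait.popitem(last=False)
        self.reclaimed += 1
        return port

    def close_connection(self, port, now):
        # Active close: the port is parked in TIME_WAIT (appended as newest).
        self.time_wait[port] = now


def simulate(lru_reclaim, ports=100, rate=10, seconds=60, time_wait_secs=60):
    """Run `rate` short-lived connections per second and report the outcome."""
    pool = PortPool(1, ports, time_wait_secs, lru_reclaim)
    for t in range(seconds):
        for _ in range(rate):
            port = pool.open_connection(t)
            if port is not None:
                pool.close_connection(port, t)  # connection ends immediately
    return {"failed": pool.failed, "reclaimed": pool.reclaimed,
            "in_time_wait": len(pool.time_wait)}
```

With these assumptions the pool is exhausted after ten seconds: the plain model then refuses 500 connections, while LRU reclaim refuses none at the cost of cutting 500 TIME_WAIT timers short, which is the trade-off to weigh, since TIME_WAIT exists to keep delayed segments from an old connection out of a new one on the same port.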