nanog mailing list archives
Re: TCP time_wait and port exhaustion for servers
From: David Conrad <drc () virtualized org>
Date: Wed, 5 Dec 2012 15:08:33 -0800
On Dec 5, 2012, at 2:06 PM, Fred Baker (fred) <fred () cisco com> wrote:
If you want to get into software rewriting, the simplest thing I might come up with would be to put TCBs in some form of LRU list and, at a point where you need a port back, close the TCB that least recently did anything. My understanding is that this was implemented 15 years ago to manage SYN attacks, and could be built on to manage this form of "attack".
I can say for certain that it was implemented (at least) twice that long ago (circa 1983) in a TCP implementation for a particular memory constrained environment ("640K should be good enough for anybody") :). Regards, -drc
Current thread:
- Re: TCP time_wait and port exhaustion for servers, (continued)
- Re: TCP time_wait and port exhaustion for servers Mark Andrews (Dec 05)
- Re: TCP time_wait and port exhaustion for servers William Herrin (Dec 05)
- Re: TCP time_wait and port exhaustion for servers Mark Andrews (Dec 05)
- Re: TCP time_wait and port exhaustion for servers Ray Soucy (Dec 06)
- Re: TCP time_wait and port exhaustion for servers Miquel van Smoorenburg (Dec 05)
- Re: TCP time_wait and port exhaustion for servers Mark Andrews (Dec 05)
- Re: TCP time_wait and port exhaustion for servers Mark Andrews (Dec 05)
- Re: TCP time_wait and port exhaustion for servers William Herrin (Dec 05)
- Re: TCP time_wait and port exhaustion for servers Jon Lewis (Dec 05)
- Re: TCP time_wait and port exhaustion for servers Fred Baker (fred) (Dec 05)
- Re: TCP time_wait and port exhaustion for servers David Conrad (Dec 05)
- RE: TCP time_wait and port exhaustion for servers Terry Baranski (Dec 05)
- Re: TCP time_wait and port exhaustion for servers Ray Soucy (Dec 05)
- Re: TCP time_wait and port exhaustion for servers Jon Lewis (Dec 05)
- Re: TCP time_wait and port exhaustion for servers Ray Soucy (Dec 06)
- Re: TCP time_wait and port exhaustion for servers Ray Soucy (Dec 06)
- Re: TCP time_wait and port exhaustion for servers Kyrian (Dec 06)