Re: Re: [release] ipsysctl tutorial 1.0.1

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Oskar Andreasson wrote:

>However, I notice one _big_ if in the page you are referring to, which by 
>the way is quite old (dated circa 1996). 
>
I have a distinct feeling that many IP based protocols don't change a 
lot within these types of timespans.  Look at how long IPv6 is taking to 
deploy.

>"4. TCP options such as RFC1323, SACK and T/TCP options cannot be used."
>
>Nowhere does the documents explain how these problems can be solved (I 
>haven't read the whole document yet, so I may burst out prematurely... but 
>I wanted to respond to your questions:)).
>
I would assume that those options use bits in the packet header that SYN 
cookies also use and therefore make unpredictable.  I'm not sure either 
though.  FWIW, I've run all my machines 2.2.x and up with SYN cookies 
turned on with no (known) ill effects; PCs and servers alike.

-- 
Michael T. Babcock
C.T.O., FibreSpeed Ltd.
http://www.fibrespeed.net/~mbabcock


_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux