Firewall Wizards
mailing list archives
RE: Inappropriate TCP Resets Considered Harmful
From: Ben Nagy <ben.nagy () marconi com au>
Date: Mon, 14 May 2001 11:33:12 +1000
Well, DUH. ;)
But why is trying to connect twice instead of once inherently bad? It's not
like the Internet isn't chatty already. These double connects would occur in
the wild, sometimes, just because of transmission delay and aggressive
initial retry timeouts. It's hardly going to Break The Internet, and it
seems like a decent way for the ECNophiles to be able to gracefully phase
things in.
I thought you were going to go on about how you'd need extra state in the
TCP stack to work out whether it was in ECN or non-ECN SYN-SENT and how the
implementation could lead to nasty problems etc etc.
Cheers!
--
Ben Nagy
Network Security Specialist
Marconi Services Australia Pty Ltd
Mb: +61 414 411 520 PGP Key ID: 0x1A86E304
-----Original Message-----
From: Darren Reed [mailto:darrenr () reed wattle id au]
[...]
Retrying in response to an RST is bad because an RST is not an indicator
of a communications problem. It is saying that the service is not available.
[...]
Darren
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards