On Tue, 1 Dec 2009 22:19:10 -0800, "Dan Wing" <dw...@cisco.com> wrote: >> I'm a bit worried about this. If e.g. the host is 100ms (RTT) away and >> 10 combinations work, you may end up creating TCP state (and getting >> syn-acks back) on the destination host for 10 connections, > > Are there servers that don't use SYN-cookies now-a-days?
IIRC, recent Linux kernel version have SYN-cookies disabled by default as they were found to make things often worse rather than better. -- Rémi Denis-Courmont -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
