you are correct that memory is allocated on a syn with this patch. however, instead of using a large open_request struct and the other resources necessary to track the connection's state, a struct of size 20 B is allocated and stored in a hash table using the ISN (syn_cookie value) as the index into this hash table. the struct caches the window_scale, timestamp, and sack options. it is based on how bsd handles a syn_flood, using a syn_cache in conjunction with syn_cookies.
jensen --- John Heffner <[EMAIL PROTECTED]> wrote: > jensen galan wrote: > > greetings! > > > > this is my first creation of a patch for the linux > > kernel. if you have time, could you please take a > look > > at it and give me some feedback. > > > > this patch creates a syn_cache for caching TCP > options > > when syn_cookies are in use (by default, all TCP > > options are lost when using syncookies). > > > > any feedback on the implementation of this cache > would > > also be appreciated. > > > > if anybody's interested, i have also written a > paper > > on this project. > > > > jensen > > It might be good if you could send a link to the > paper. The point of > syncookies is to allocate zero state on a syn > (storing it entirely in > the ISN). I didn't read the patch that carefully > yet, but it looks like > this is allocating memory on a syn. > > -John > > - > To unsubscribe from this list: send the line > "unsubscribe netdev" in > the body of a message to [EMAIL PROTECTED] > More majordomo info at > http://vger.kernel.org/majordomo-info.html > __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html