On 8/21/15, Mike Perry <[email protected]> wrote: > ... > What I really need now is any examples of common routers that have a > default inactive/idle timeout below 10s, or allow you to set it below > 10s. So far I have not found any.
i recall a switch vendor that used overflow condition to trim timeouts lower, but this is different from a hard, low limit by configuration. i'll see what i can dig up... best regards, P.S. flow tracking systems always make me point at c++ & scapy userspace driven raw injection around massive flow sybils as retort in their raw take and analytics. most efficient state representation of TCP behavior in memory? it's a fun challenge :P [ P.P.S. this may just crash your in-path, rather than DoS. keep a backup route! ]
