On Thu, 17 Jun 2010, RJ Atkinson wrote:
> > I'm curious how backward compatibility is to work for applications
> > accepting connections on ILNP-capable hosts. In particular, how to
> > know whether to calculate the ULP checksum over the full L+I or
> > just the ILNP style I?
>
> This is described in detail in draft-rja-ilnp-intro.

It is, yes, once you've read the Nonce draft. It might perhaps be
clearer to refer more explicitly to the ILNP flagging function of the
Nonce option in the intro draft.

> > Looking further at the docs, it seems this relies on the Nonce
> > Option having stateful semantics to indicate "this remote IP knows
> > ILNP". How will this scale exactly? E.g. imagine servers
> > communicating with large numbers of clients.
>
> Scaling should be just fine.
>
> Existing TCP/IPv4 implementations for web servers already keep a
> significant amount of session state for each TCP session. This is
> known to scale adequately for very large numbers of TCP sessions in
> several major operating systems (for example, in Solaris and
> FreeBSD).

What I have in mind is the fact that TCP state can be burdensome
enough that several OSes implement mechanisms to 'offload' that state
back onto clients, through the "SYN Cookies" technique.

I.e. state is particularly troublesome when it is in kernel
(unpageable memory in many OSes) and instantiable by arbitrary remote
hosts. So I'm wondering what happens if malicious remote hosts
deliberately set out to exhaust an ILNP host's resources by causing it to
create more and more ILNP session cache entries?

regards,
--
Paul Jakma [email protected] Key ID: 64A2FF6A
Fortune:
Sigh. I like to think it's just the Linux people who want to be on
the "leading edge" so bad they walk right off the precipice.
(Craig E. Groeschel)
_______________________________________________
rrg mailing list
[email protected]
http://www.irtf.org/mailman/listinfo/rrg
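
The state-offloading idea behind the "SYN Cookies" technique mentioned in the message above, as an added example that is not part of the thread: the server answers a first packet with a keyed MAC over the peer's address and a coarse time slot, and allocates a table entry only when the peer echoes it back. This is neither the real TCP SYN-cookie encoding nor anything specified for ILNP; the names `Server`, `make_cookie`, `check_cookie`, the 64-second slot and all addresses are assumptions constructed for the illustration.

```python
import hashlib
import hmac
import struct

SECRET = b"constructed-demo-secret"  # constructed; a real server uses a random, rotated key
SLOT_SECONDS = 64                    # assumed granularity of the validity window


def _mac(ip: str, port: int, slot: int, secret: bytes) -> bytes:
    msg = ip.encode() + struct.pack("!HQ", port, slot)
    return hmac.new(secret, msg, hashlib.sha256).digest()[:8]


def make_cookie(ip: str, port: int, now: float, secret: bytes = SECRET) -> bytes:
    """Derive the cookie from the peer address and time slot; nothing is stored."""
    return _mac(ip, port, int(now) // SLOT_SECONDS, secret)


def check_cookie(cookie: bytes, ip: str, port: int, now: float,
                 secret: bytes = SECRET) -> bool:
    """Recompute the MAC for the current and previous slot and compare."""
    slot = int(now) // SLOT_SECONDS
    return any(hmac.compare_digest(cookie, _mac(ip, port, s, secret))
               for s in (slot, slot - 1))


class Server:
    def __init__(self) -> None:
        self.sessions = {}  # entries exist only for peers that echoed a valid cookie

    def on_first_packet(self, ip: str, port: int, now: float) -> bytes:
        return make_cookie(ip, port, now)  # reply only; no table entry is created

    def on_cookie_echo(self, ip: str, port: int, cookie: bytes, now: float) -> bool:
        if not check_cookie(cookie, ip, port, now):
            return False
        self.sessions[(ip, port)] = {"established": now}
        return True


def demo():
    srv, t = Server(), 1_000_000.0
    for i in range(10_000):  # constructed flood: sources that never answer
        srv.on_first_packet(f"198.51.100.{i % 256}", 1024 + i, t)
    after_flood = len(srv.sessions)
    cookie = srv.on_first_packet("192.0.2.10", 40000, t)
    ok = srv.on_cookie_echo("192.0.2.10", 40000, cookie, t + 5)
    forged = srv.on_cookie_echo("192.0.2.11", 40000, cookie, t + 5)
    stale = srv.on_cookie_echo("192.0.2.10", 40000, cookie, t + 10 * SLOT_SECONDS)
    return after_flood, ok, forged, stale, len(srv.sessions)
```

The cost moved to the server is one MAC computation per packet, while memory grows only with peers that proved they can receive traffic at the address they claimed.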