From: "ZHANG, Le" <r0bertz@gentoo.org>
To: David Miller <davem@davemloft.net>
Cc: eric.dumazet@gmail.com, netdev@vger.kernel.org,
linux-kernel@vger.kernel.org, kuznet@ms2.inr.ac.ru,
pekkas@netcore.fi, jmorris@namei.org, yoshfuji@linux-ipv6.org,
kaber@trash.net
Subject: Re: [PATCH] ipv4: mitigate an integer underflow when comparing tcp timestamps
Date: Fri, 26 Nov 2010 00:55:27 +0800 [thread overview]
Message-ID: <20101125165525.GA4480@adriano> (raw)
In-Reply-To: <20101114.115536.71112799.davem@davemloft.net>
[-- Attachment #1: Type: text/plain, Size: 953 bytes --]
On 11:55 Sun 14 Nov , David Miller wrote:
> From: Eric Dumazet <eric.dumazet@gmail.com>
> Date: Sun, 14 Nov 2010 09:52:25 +0100
>
> > Really, if you have multiple clients behind a common NAT, you cannot use
> > this code at all, since NAT doesnt usually change TCP timestamps.
>
> NAT is %100 incompatible with TW recycling, full stop.
>
> There is no maybe, or maybe not.
>
> If you are behind NAT you must not turn this feature on, ever.
Sorry, this question may be OT on this list, but I am just curious:
Is there any other OS has implemented this feature like Linux?
To be very specific, by this feature, I mean rejecting old duplicates based
on per-host cache of last timestamp received from any connections.
As suggested in RFC1323 Appendix B.2 (b).
Does anyone, by any chance, know the answer? Thanks in advance!
--
ZHANG, Le
http://zhangle.is-a-geek.org
0260 C902 B8F8 6506 6586 2B90 BC51 C808 1E4E 2973
[-- Attachment #2: Type: application/pgp-signature, Size: 198 bytes --]
prev parent reply other threads:[~2010-11-25 16:55 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-11-14 7:35 [PATCH] ipv4: mitigate an integer underflow when comparing tcp timestamps Zhang Le
2010-11-14 8:52 ` Eric Dumazet
2010-11-14 15:00 ` Zhang Le
2010-11-14 19:55 ` David Miller
2010-11-25 16:55 ` ZHANG, Le [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20101125165525.GA4480@adriano \
--to=r0bertz@gentoo.org \
--cc=davem@davemloft.net \
--cc=eric.dumazet@gmail.com \
--cc=jmorris@namei.org \
--cc=kaber@trash.net \
--cc=kuznet@ms2.inr.ac.ru \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=pekkas@netcore.fi \
--cc=yoshfuji@linux-ipv6.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).