Re: SYN-flooding Linux (on BUGTRAQ was "Re: Various Errors in Slackware")

kuznet@ms2.inr.ac.ru
Fri, 24 Dec 1999 20:55:06 +0300 (MSK)


Hello!

> > SYN cookies may prevent correct error reporting on clients when the
> > server is really overloaded. If this happens frequently better turn
> > them off.
>
> It would be nice to know exactly *how* things are supposed to fail when
> this happens instead of just knowing they *might*.

You can read about this in the notes of the syncookies inventor, Dan Bernstein.
I think you can easily find them via Altavista.

I'll try to elaborate on this in ip-sysctl.txt.

In short: syncookies are a serious violation of the TCP protocol.
They are a fallback and a mighty weapon against synfloods, but
they are not acceptable in any normal circumstances.

Practice has shown that administrators of loaded servers, after a
short period of enthusiasm, turn off syncookies forever, because
clients start to complain about strange behaviour: massive hanging
SMTP connections, magic resets etc. (see Bernstein's notes)

Yes, and there is no programmable method to distinguish
"normal" circumstances from the case of a synflood without human eyes.
Actually, traffic patterns on loaded servers are very close
to those generated by floods.

If such a method is found, syncookies can be enabled by default.
For now, short blackout periods are still better than syncookies.

> cookies, *all* of these services became unavailable pretty quickly and it

Exactly.

> As a result, I'm thinking syn-cookies should be enabled by default,

When you walk the streets of your native town, do you really carry a gun, a couple
of grenades and a Stinger under your arm by default? No? Why?
What will happen when a terrible terrorist jumps out of the bushes?
You are defenceless! 8)

> Suggestions?

First, improve the kernel for the normal loaded case.

Second, fight synfloods using methods acceptable in any society.

Alexey
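As an added illustration (not code from this thread or from the Linux kernel), here is a simplified SYN-cookie scheme in the spirit of Bernstein's description: after the SYN the server stores nothing and instead packs a slow clock value, a coarse MSS index and a keyed tag into its own ISN, then rebuilds the connection from the final ACK alone. The bit layout, the secret key, the MSS table and the validity window are assumptions made for this example.

```python
import hashlib
import hmac
import struct

# Assumed layout (not the kernel's exact encoding), all inside the 32-bit server ISN:
#   cookie = t (5 bits) | MSS index (3 bits) | keyed tag (24 bits);  server_isn = client_isn + cookie
SECRET = b"constructed-per-boot-server-secret"   # assumption: random secret chosen at boot
MSS_TABLE = [536, 1300, 1440, 1460]              # only these MSS values can be reconstructed
MAX_AGE_TICKS = 4                                # cookie accepted for this many clock ticks

def _tag24(saddr, daddr, sport, dport, counter):
    """24-bit keyed tag over the 4-tuple and the slow clock value."""
    msg = struct.pack("!4s4sHHI", saddr, daddr, sport, dport, counter)
    return int.from_bytes(hmac.new(SECRET, msg, hashlib.sha256).digest()[:3], "big")

def encode_mss(client_mss):
    """Index of the largest table entry <= the client's MSS; the exact value is lost."""
    idx = 0
    for i, mss in enumerate(MSS_TABLE):
        if mss <= client_mss:
            idx = i
    return idx

def make_syn_ack_isn(saddr, daddr, sport, dport, client_isn, client_mss, counter):
    """Server ISN for the SYN-ACK; no per-connection state is kept afterwards."""
    cookie = ((counter & 0x1F) << 27) | (encode_mss(client_mss) << 24)
    cookie |= _tag24(saddr, daddr, sport, dport, counter)
    return (client_isn + cookie) & 0xFFFFFFFF

def check_ack(saddr, daddr, sport, dport, seq, ack, counter):
    """Rebuild the connection from the final ACK (seq = client_isn+1, ack = server_isn+1).
    Returns the MSS to use, or None if the cookie is stale or does not verify."""
    cookie = (ack - seq) & 0xFFFFFFFF          # (server_isn+1) - (client_isn+1)
    t, idx, tag = cookie >> 27, (cookie >> 24) & 0x7, cookie & 0xFFFFFF
    for age in range(MAX_AGE_TICKS + 1):       # recover the full counter from its low 5 bits
        cand = counter - age
        if cand >= 0 and (cand & 0x1F) == t:
            expected = _tag24(saddr, daddr, sport, dport, cand)
            if hmac.compare_digest(tag.to_bytes(3, "big"), expected.to_bytes(3, "big")):
                return MSS_TABLE[idx]
            return None
    return None                                # too old: no candidate clock value matches

def demo():
    """Constructed handshake: client MSS 1400, then a fresh, a stale and an altered ACK."""
    s, d = bytes([10, 0, 0, 7]), bytes([192, 168, 1, 2])
    sport, dport, cisn, counter = 40000, 25, 0x12345678, 1000
    sisn = make_syn_ack_isn(s, d, sport, dport, cisn, 1400, counter)
    fresh = check_ack(s, d, sport, dport, cisn + 1, sisn + 1, counter + 1)
    stale = check_ack(s, d, sport, dport, cisn + 1, sisn + 1, counter + MAX_AGE_TICKS + 1)
    altered = check_ack(s, d, sport, dport, cisn + 1, (sisn + 1) ^ 1, counter)
    return fresh, stale, altered               # (1300, None, None)
```

Two of the costs Alexey refers to are visible here: the client's MSS of 1400 comes back as 1300 and every other option carried in the SYN is gone, and a stale or altered ACK is dropped silently, so a client whose final ACK was lost sits in ESTABLISHED waiting for the server (for SMTP, the banner) while the server holds no connection at all.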

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/