[nsd-users] [QUAR] Re: NSD TCP performance

[Andrew Sullivan]

On Fri, Nov 09, 2007 at 01:46:31PM -0500, nsd at dclg.ca wrote:

> Fixing this bug takes the attack from 5+ packets to 4+ packets.  It
> probably doesn't change the length of time that the TCP stack keeps
> the slot open (for FINs) in any measurable way.
> 
> But from a byte count perspective it reduces the overhead transmission
> from 200 bytes to 160 bytes (vs. 120 bytes from the attacker) for v4
> and from 300 bytes to 240 (vs. 180 bytes from the attacker) for v6.

Well, then, it doesn't really seem like such a big deal: you can get
better amplification than that in other ways.  <emily>Never
mind.</litella>

A 

-- 
Andrew Sullivan                         204-4141 Yonge Street
Afilias Canada                        Toronto, Ontario Canada
<andrew at ca.afilias.info>                              M2P 2A8
jabber: ajsaf at jabber.org                 +1 416 646 3304 x4110