Date: Mon, 09 Jul 2001 18:01:11 -0700 From: "Crist Clark" <crist.clark@globalstar.com> To: Darren Reed <avalon@coombs.anu.edu.au> Cc: "Crist J. Clark" <cclark@globalstar.com>, Dragos Ruiu <dr@kyx.net>, Mike Silbersack <silby@silby.com>, cjclark@alum.mit.edu, Yonatan Bokovza <Yonatan@xpert.com>, "'freebsd-security@freebsd.org'" <freebsd-security@FreeBSD.ORG> Subject: Re: FW: Small TCP packets == very large overhead == DoS? Message-ID: <3B4A53D7.287F47AF@globalstar.com> References: <200107100039.KAA06761@caligula.anu.edu.au>
next in thread | previous in thread | raw e-mail | index | archive | help
Darren Reed wrote: [snip] > The devil is in the details. The paragraph about "segment length" explains > it pretty well - it's the amount of sequence number space (i.e. data length). > > The data payload of the IP packet (above) is 1480 bytes long, the TCP > segment size (again data payload) is 1460. The segment length (or size) > is the sequence number space which is the same as data payload length. > > I think you're saying that "TCP segment" to be something it isn't. The TCP segment is everything in the IP payload. An SYN segment is a TCP segment, but it carries no data and has a segment length of one (whee!). I can see that clearly in the RFC, and I think we all cab agree on that. However, I think that a SYN segment, which is all header, has a size greater than one. It looks more like 24-or-so bytes typically... or maybe it does not. I am looking for where (if anywhere) the specification comes out and says that segment "size" is the same as "length." Why isn't the MSS called the MSL after the RFC has gone to such pains to define "length?" -- Crist J. Clark Network Security Engineer crist.clark@globalstar.com Globalstar, L.P. (408) 933-4387 FAX: (408) 933-4926 The information contained in this e-mail message is confidential, intended only for the use of the individual or entity named above. If the reader of this e-mail is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any review, dissemination, distribution or copying of this communication is strictly prohibited. If you have received this e-mail in error, please contact postmaster@globalstar.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3B4A53D7.287F47AF>