From owner-freebsd-security@FreeBSD.ORG  Wed Apr 21 13:12:55 2004
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id C731116A4CE
	for <freebsd-security@freebsd.org>;
	Wed, 21 Apr 2004 13:12:55 -0700 (PDT)
Received: from smtp3b.sentex.ca (smtp3b.sentex.ca [205.211.164.50])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 80CF343D49
	for <freebsd-security@freebsd.org>;
	Wed, 21 Apr 2004 13:12:55 -0700 (PDT)	(envelope-from mike@sentex.net)
Received: from avscan1.sentex.ca (avscan1.sentex.ca [199.212.134.11])
	by smtp3b.sentex.ca (8.12.11/8.12.11) with ESMTP id i3LKCor4076345;
	Wed, 21 Apr 2004 16:12:55 -0400 (EDT)
	(envelope-from mike@sentex.net)
Received: from lava.sentex.ca (pyroxene.sentex.ca [199.212.134.18])
	by avscan1.sentex.ca (8.12.10/8.12.10) with ESMTP id i3LKCn3x085545;
	Wed, 21 Apr 2004 16:12:49 -0400 (EDT)
	(envelope-from mike@sentex.net)
Received: from simian.sentex.net (simeon.sentex.ca [192.168.43.27])
	by lava.sentex.ca (8.12.11/8.12.11) with ESMTP id i3LKCmiM045206;
	Wed, 21 Apr 2004 16:12:48 -0400 (EDT)
	(envelope-from mike@sentex.net)
Message-Id: <6.0.3.0.0.20040421161217.05453308@209.112.4.2>
X-Sender: mdtpop@209.112.4.2 (Unverified)
X-Mailer: QUALCOMM Windows Eudora Version 6.0.3.0
Date: Wed, 21 Apr 2004 16:14:46 -0400
To: Borja Marcos <borjamar@sarenet.es>, freebsd-security@freebsd.org
From: Mike Tancsa <mike@sentex.net>
In-Reply-To: <48FCF8AA-93CF-11D8-9C50-000393C94468@sarenet.es>
References: <6.0.3.0.0.20040420125557.06b10d48@209.112.4.2>
 <xzp65buh5fa.fsf@dwp.des.no>
 <6.0.3.0.0.20040420144001.0723ab80@209.112.4.2>
 <200404201332.40827.dr@kyx.net>
 <20040421111003.GB19640@lum.celabo.org>
 <6.0.3.0.0.20040421121715.04547510@209.112.4.2>
 <20040421165454.GB20049@lum.celabo.org>
 <6.0.3.0.0.20040421132605.0901bb40@209.112.4.2>
 <48FCF8AA-93CF-11D8-9C50-000393C94468@sarenet.es>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
X-Virus-Scanned: by amavisd-new
Subject: Re: Other possible protection against RST/SYN attacks (was Re:
 TCP RST attack
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Apr 2004 20:12:55 -0000

At 04:05 PM 21/04/2004, Borja Marcos wrote:
>>Are there any "bad things" that can happen by doing this ?
>
>         Well, not every BGP sessions are established between directly 
> connected interfaces. This would not work with "multi-hop BGP" sessions :-)

Thanks, I realize that, especially with iBGP. However for directly 
connected eBGP peers, the question still stands.

What side effects if any are there?  Why is the default 64 and not 
some  other number like 255... I am sure the answer is out there, I just 
need to find the question so I can cram it into google ;-)

Perhaps this is a better topic for freebsd-net ?

         ---Mike