Date: Thu, 8 Jan 2004 03:00:38 -0800 (PST) From: Richard Wendland <richard@starburst.demon.co.uk> To: freebsd-bugs@FreeBSD.org Subject: Re: kern/60889: 5.2RC2 - zero IP id change not effective for TCP, detrimental to security/privacy and maybe interoperation Message-ID: <200401081100.i08B0cFD032075@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR kern/60889; it has been noted by GNATS. From: Richard Wendland <richard@starburst.demon.co.uk> To: freebsd-gnats-submit@FreeBSD.org, richard@wendland.org.uk Cc: Subject: Re: kern/60889: 5.2RC2 - zero IP id change not effective for TCP, detrimental to security/privacy and maybe interoperation Date: Thu, 8 Jan 2004 10:59:32 +0000 (GMT) I have identified a further problem with this change: This change causes ip_id for non-DF to be output in native byte order in ip_output.c. Unfortunately ip_id is still output in Network Byte Order in ip_mroute.c and raw_ip.c, so this change risks little-endian machines emitting the same IP fragmentation id at about the same time from these different modules (after another 255 packets), rather than after the usual 64k cycle; creating a small but real risk of fragment re-assembly errors. Richard -- Richard Wendland richard@wendland.org.uk
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200401081100.i08B0cFD032075>