Date:      Thu, 26 Aug 1999 10:37:03 +0200 (SAST)
From:      Geoff Rehmet <geoff@hangdog.is.co.za>
To:        hackers@freebsd.org
Cc:        markm@iafrica.com
Subject:   TCP initial sequence numbers
Message-ID:  <199908260837.KAA01802@hangdog.is.co.za>

With the hacking I have been doing, looking at initial TCP sequence
numbers, I ran across the following:

/* 
 * Tcp initialization
 */
void
tcp_init()
{
    int hashsize;
 
    tcp_iss = random(); /* wrong, but better than a constant */

If you look at RFC793:
  To avoid confusion we must prevent segments from one incarnation of a
  connection from being used while the same sequence numbers may still
  be present in the network from an earlier incarnation.  We want to
  assure this, even if a TCP crashes and loses all knowledge of the
                         ***********
  sequence numbers it has been using.  When new connections are created,
  an initial sequence number (ISN) generator is employed which selects a
  new 32 bit ISN.  The generator is bound to a (possibly fictitious) 32
  bit clock whose low order bit is incremented roughly every 4
  microseconds.  Thus, the ISN cycles approximately every 4.55 hours.
  Since we assume that segments will stay in the network no more than 
  the Maximum Segment Lifetime (MSL) and that the MSL is less than 4.55
  hours we can reasonably assume that ISN's will be unique.

This tells us that we need to assure that things happen as required,
even when TCP crashes (or the system reboots).  

Thus, it looks like we should rather start off the tcp_iss based
on the system clock, plus a random increment.  This way, we fulfil
the goals of sequence numbers being unpredictable, and we also ensure
that we carry on with a monotonically increasing series of initial
sequence numbers.  (Using microtime() and dividing by 4 should give
a reasonable approximation to work with.)

I will look at a change to this shortly.

Geoff.
-- 
Geoff Rehmet, The Internet Solution - Infrastructure 
tel: +27-11-283-5462, fax: +27-11-283-5401 mobile: +27-83-292-5800
email: geoffr@is.co.za 
URL: http://www.is.co.za 
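
The seeding proposed in the message above, as an added example (not code from the message or from FreeBSD): a 32-bit clock ticking every 4 microseconds plus a bounded random increment, with seeds compared in sequence space across a reboot. The names isn_clock, isn_seed, seq_gt and the ISN_MAX_INCR bound are hypothetical; the timestamps and random values in main are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <sys/time.h>

/* Hypothetical bound on the random increment: 2^16 ticks, about 0.26 s. */
#define ISN_MAX_INCR (1u << 16)

/* RFC 793's 32-bit clock: low-order bit advances every 4 microseconds. */
static uint32_t isn_clock(const struct timeval *tv)
{
    uint64_t usec = (uint64_t)tv->tv_sec * 1000000u + (uint64_t)tv->tv_usec;
    return (uint32_t)(usec / 4);          /* truncation gives the wrap */
}

/* Boot-time seed: clock value plus a bounded random increment. */
static uint32_t isn_seed(const struct timeval *tv, uint32_t rnd)
{
    return isn_clock(tv) + (rnd % ISN_MAX_INCR);
}

/* Sequence-space order: nonzero if a is ahead of b modulo 2^32. */
static int seq_gt(uint32_t a, uint32_t b)
{
    return (int32_t)(a - b) > 0;
}

int main(void)
{
    /* Constructed sample input: two boots 2 s apart, state lost between. */
    struct timeval boot1 = { 1, 0 }, boot2 = { 3, 0 };
    uint32_t rnd1 = 0xFFFFFFFFu, rnd2 = 0;  /* worst case for ordering */
    uint32_t random_only1 = 0x9000, random_only2 = 0x1000; /* constructed */

    uint32_t s1 = isn_seed(&boot1, rnd1), s2 = isn_seed(&boot2, rnd2);
    printf("clock+increment: %u -> %u, ahead=%d\n", s1, s2, seq_gt(s2, s1));
    printf("random() only:   %u -> %u, ahead=%d\n",
           random_only1, random_only2, seq_gt(random_only2, random_only1));
    return 0;
}
```

The ordering across a reboot holds only when the downtime is longer than the increment bound (about 0.26 s with this value) and shorter than half the clock cycle; a seed taken from random() alone gives no such ordering.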

