[Info-vax] Harden TCPIP Srv OVMS again SYN FLOOD attacks
Jan-Erik Söderholm
jan-erik.soderholm at telia.com
Wed Aug 15 16:10:09 EDT 2018
Den 2018-08-15 kl. 21:39, skrev Stephen Hoffman:
> On 2018-08-14 20:31:29 +0000, Jan-Erik S��derholm said:
>
>> Den 2018-08-14 kl. 22:14, skrev Johnny Billquist:
>>>
>>> Why the 64K limit? Why not bump it to a few million in that case?
>>
>> You cannot (or should not) set it higher according to the docs or
>> unexpected "things" might happen. It is a built-in limit.
>
> Seems more like a documented bug, but yeah. Somebody didn't fix the
> parser to prevent whatever mishap arises, nor fixed whatever was getting
> inflamed downstream of the parser.
>
>> Or did you ask why that limit is where it is? Don't know...
>
> I'd suspect it's related to the 64K unit number limitation, though have no
> way to confirm that.
>
OK. So each queue entry waiting to be served by a specific port or service
("socket" in the docs I have found) creates a device of some sort with
an unique device number? With device class is that? BGnnn:?
And if so, are the BG devices created before the TCPIP stack has got an
connection established (that is, before getting an reply on the "SYN ACK"
message)?
But on the other hand, you can have a number of sockets/services,
each of them having a 64K queue. So you could break the 64K device
number limit even before hitting the 64K queue size.
More information about the Info-vax
mailing list