Re: Connection Establishment

"Jeremy Harris [RU-UK]" <jgh@uk.sun.com> Wed, 13 February 2002 15:16 UTC

Message-Id: <200202131515.g1DFF7c10734@sunuk.UK.Sun.COM>
Date: Wed, 13 Feb 2002 15:16:03 +0000 (GMT)
From: "Jeremy Harris [RU-UK]" <jgh@uk.sun.com>
Reply-To: "Jeremy Harris [RU-UK]" <jgh@uk.sun.com>
Subject: Re: Connection Establishment
To: nicold@umkc.edu, Henk.Langeveld@Sun.COM, braden@ISI.EDU
Cc: tcp-impl@grc.nasa.gov, jgh@uk.sun.com
MIME-Version: 1.0
Content-Type: TEXT/plain; charset=us-ascii
Content-MD5: 1/Y3CYI6TTay46+Rh8veCQ==
X-Mailer: dtmail 1.3.0 @(#)CDE Version 1.4.2 SunOS 5.9 sun4u sparc
Sender: owner-tcp-impl@grc.nasa.gov
Precedence: bulk
Status: RO
Content-Length: 1988
Lines: 57

[David Nicol]
> fascinating -- you're suggesting HTTP over datagrams.  Or at least
> acting like datagrams when all you really want is a datagram.  You
> can dispense with the connection when all you want is a datagram.

Not quite...  I'm suggesting a use of TCP which degenerates to datagram
behaviour when it can, gives lower latency, client, net and server
resource usage when it can, and uses a full TCP connection when it
has to for the general case.


[Henk Langeveld]
>This is beginning to look like the DNS approach:  Just use udp
>on the first attempt, and revert to tcp when the result would be
>too large?

No, it's TCP all the way.

>Frankly, given that one of the conditions given was sufficient
>resistance/defence against DoS attacks,  I doubt this will ever
>escape the lab.  A proper defence against DoS attacks is miserly
>conduct with your resources, until you've established at least
>some validity in the request - this will require a round trip from
>server to client.

I agree about the proper defence.  But parsing an http GET and searching
a kernel URL cache isn't too expensive, and the eager action on it
simple to disable when the system load it high or a SYN attack detected.

>If you're going to allow initial datagrams carrying data, you'll
>have to limit the size of that data, possibly using the same
>constraints as the DNS udp/tcp switch referred to above.

Yes.

>You might
>be thinking of a specific application for this web-service, where
>you'd control the network stack of both client and server *and*
>the network in between.  Then you've got your value-add network,
>with your own application protocol - why use http?

No, I'd like to see it in general use.


[Bob Braden]
>  *> arises: how much data may be piggybacked on a SYN?  What window may
>  *> the sender assume?
>  *>
>
>Please see RFC 1644 on T/TCP (July 1994)/

I did. It suggests using the window specified by a previous connection.
Which is fine if you had one.


Cheers,
   Jeremy

Connection Establishment Sebastian Zimmermann
Re: Connection Establishment David Borman
RE: Connection Establishment Naidu, Venkata
Re: Connection Establishment Bob Braden
RE: Connection Establishment Jeremy Harris - Network Service Providers Division
RE: Connection Establishment Naidu, Venkata
RE: Connection Establishment Bob Braden
Re: Connection Establishment David Nicol
Re: Connection Establishment Henk Langeveld - NL
Re: Connection Establishment Sebastian Zimmermann
Re: Connection Establishment Jeremy Harris [RU-UK]
Re: Connection Establishment Henk Langeveld - NL
Re: Connection Establishment Alan Cox
T/TCP (was: Connection Establishment) Sebastian Zimmermann
Client Server D'laila Pereira