Re: [tcpm] New I-D
Mahesh Jethanandani <mahesh@cisco.com> Fri, 20 July 2007 00:21 UTC
Return-path: <tcpm-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IBgFq-0003F6-UF; Thu, 19 Jul 2007 20:21:58 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IBgFp-0003F1-Nm for tcpm@ietf.org; Thu, 19 Jul 2007 20:21:57 -0400
Received: from sj-iport-6.cisco.com ([171.71.176.117]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1IBgFo-0006v3-Bd for tcpm@ietf.org; Thu, 19 Jul 2007 20:21:57 -0400
Received: from sj-dkim-2.cisco.com ([171.71.179.186]) by sj-iport-6.cisco.com with ESMTP; 19 Jul 2007 17:21:31 -0700
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AigcAAidn0arR7O6/2dsb2JhbACCLjeFeZ16
X-IronPort-AV: i="4.16,559,1175497200"; d="scan'208,217"; a="185265103:sNHT3467432223"
Received: from sj-core-5.cisco.com (sj-core-5.cisco.com [171.71.177.238]) by sj-dkim-2.cisco.com (8.12.11/8.12.11) with ESMTP id l6K0LVXj007197; Thu, 19 Jul 2007 17:21:31 -0700
Received: from [171.69.75.156] (dhcp-171-69-75-156.cisco.com [171.69.75.156]) by sj-core-5.cisco.com (8.12.10/8.12.6) with ESMTP id l6K0LUSb003853; Fri, 20 Jul 2007 00:21:30 GMT
Message-ID: <46A00008.7060603@cisco.com>
Date: Thu, 19 Jul 2007 17:21:28 -0700
From: Mahesh Jethanandani <mahesh@cisco.com>
Organization: Cisco Systems Inc.
User-Agent: Thunderbird 1.5.0.12 (Windows/20070509)
MIME-Version: 1.0
To: John Heffner <jheffner@psc.edu>
Subject: Re: [tcpm] New I-D
References: <20070221144454.3D3E01827FD@lawyers.icir.org> <45DCC9BB.4010302@psc.edu> <46856FC2.90309@cisco.com> <468DA6C1.5060107@psc.edu>
In-Reply-To: <468DA6C1.5060107@psc.edu>
DKIM-Signature: v=0.5; a=rsa-sha256; q=dns/txt; l=8360; t=1184890891; x=1185754891; c=relaxed/simple; s=sjdkim2002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=mahesh@cisco.com; z=From:=20Mahesh=20Jethanandani=20<mahesh@cisco.com> |Subject:=20Re=3A=20[tcpm]=20New=20I-D |Sender:=20; bh=bRGxA0XroBKFfjcsTGaUwInnvRH0MY2c/VKEU2i05/U=; b=qG7koO6SejzusPFFLMQu5uI4eg9TtlhbVMYLLW52HClt8aBBaisVeIxz4QCpTET+WO6jB1ZL Op+Z4Jo/LHEGVE8so3Fc0tvv+sXr+RGNziFBPlRnSsZZVNohd5mse1eJ;
Authentication-Results: sj-dkim-2; header.From=mahesh@cisco.com; dkim=pass ( sig from cisco.com/sjdkim2002 verified; );
X-Spam-Score: -4.0 (----)
X-Scan-Signature: ccfb4541e989aa743998098cd315d0fd
Cc: tcpm@ietf.org, weddy@grc.nasa.gov, mallman@icir.org
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============0961435540=="
Errors-To: tcpm-bounces@ietf.org
John Heffner wrote: > Mahesh Jethanandani wrote: >> Context is the draft - >> http://www.ietf.org/internet-drafts/draft-mahesh-persist-timeout-00.txt >> >> John Heffner wrote: >>> As proof of concept, I wrote up a simple script (I think only about >>> 30 lines of python) that used the TCP ESTATS MIB to monitor >>> connections, and kill off ones making no progress while consuming >>> the most memory. This proved an effective defense against netkill, >>> and I think would solve the problem described in the draft as well. >>> It would be easy enough to write a kernel thread to do the same if >>> the system doesn't do ESTATS. >>> >>> -John >> John, >> >> The issue with Netkill or any other application trying to kill >> connections is that they cannot distinguish between connections that >> are held up because of network issues where packets are getting >> dropped and connections that are in persist state because the client >> refuses to open the zero window. TCP can distinguish between the >> connections and determine which ones need to go. Wouldn't you agree? >> >> m/ > > That's going back a ways. I think I've paged the original thread back > in to memory. ;) > > It may be important to distinguish between recovery and persist (the > ESTATS MIB will do this). I mention netkill because it is pretty > effective at running the attacked system out of buffer memory without > using the persist state. I think a more general defense is better > located at the operating system level (either a daemon or in the > kernel), since that is the point where resource contention is resolved > and policy enforced. > > Thanks, > -John General defense - yes. Operating system can enforce a maximum number of resource allocation to TCP to prevent it from exhausting all the buffers. Let us further assume that the operating system enforces a per connection buffer utilization count. Now suppose one was to write a resource contention daemon or do this as part of the kernel. What would be the information it would need? It would need per connection buffer utilization, how long the buffers have been on that connection, what is the state of the connection (assume it gets it from the MIB, which BTW gets it from TCP), how many times the connection has entered or exited this condition (in case someone is trying to fool the system), information that is part of TCP. So you can peek into the TCP connection table, extract all the information needed to make the determination or let TCP manage the buffers that it has borrowed from the operating system and is ultimately responsible for. Without that intimate knowledge of each connection, I can think of at least two scenarios that can stump an operating system. * Large number of connections with one buffer each in persist condition, where the total number of buffers exceed the amount set as the upper limit set by the operating system. Without the OS knowing that the connection is in persist condition AND for how long (after all you do not want to whack a connection just because it entered persist condition), how does it determine if the connection should be torn down or not. * Fewer than a large number of connection mentioned above each in persist condition, where the numbers are short of the max. buffers per connection but the total number of buffers by all connections exceeds the max. count set by the OS for all of TCP. Now the sender can run out of buffers sooner and with fewer connection setups. This all assumes that TCP always runs as part of an operating system. Is that assumption always true?
_______________________________________________ tcpm mailing list tcpm@ietf.org https://www1.ietf.org/mailman/listinfo/tcpm
- Re: [tcpm] New I-D Mark Allman
- Re: [tcpm] New I-D MURALI BASHYAM
- [tcpm] New I-D Mahesh Jethanandani
- Re: [tcpm] New I-D Wesley Eddy
- Re: [tcpm] New I-D David Malone
- Re: [tcpm] New I-D MURALI BASHYAM
- Re: [tcpm] New I-D (draft-mahesh-persist-timeout-… Fernando Gont
- Re: [tcpm] New I-D (draft-mahesh-persist-timeout-… MURALI BASHYAM
- RE: [tcpm] New I-D (draft-mahesh-persist-timeout-… Anantha Ramaiah (ananth)
- RE: [tcpm] New I-D (draft-mahesh-persist-timeout-… Fernando Gont
- Re: [tcpm] New I-D Mark Allman
- Re: [tcpm] New I-D MURALI BASHYAM
- Re: [tcpm] New I-D Fernando Gont
- Re: [tcpm] New I-D Mark Allman
- Re: [tcpm] New I-D MURALI BASHYAM
- RE: [tcpm] New I-D Caitlin Bestler
- Re: [tcpm] New I-D John Heffner
- Re: [tcpm] New I-D Mahesh Jethanandani
- Re: [tcpm] New I-D John Heffner
- Re: [tcpm] New I-D Mahesh Jethanandani
- [tcpm] New I-D Mahesh Jethanandani