IETF Logo Mail Archive

Re: [tcpm] TCP zero window timeout?

"Kuthonuzo Luruo (STSD)" <kuthonuzo.luruo@hp.com> Mon, 28 August 2006 07:01 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1GHb8B-0007na-AS; Mon, 28 Aug 2006 03:01:59 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GHb8A-0007nQ-HB for tcpm@ietf.org; Mon, 28 Aug 2006 03:01:58 -0400
Received: from bgerelbas02.asiapac.hp.net ([15.219.201.135]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GHb83-0000UQ-Ac for tcpm@ietf.org; Mon, 28 Aug 2006 03:01:58 -0400
Received: from bgeexg12.asiapacific.cpqcorp.net (bgeexg12.asiapacific.cpqcorp.net [16.150.33.62]) by bgerelbas02.asiapac.hp.net (Postfix) with ESMTP id 6159E33088; Mon, 28 Aug 2006 12:31:48 +0530 (IST)
Received: from BGEEXC02.asiapacific.cpqcorp.net ([16.150.33.10]) by bgeexg12.asiapacific.cpqcorp.net with Microsoft SMTPSVC(6.0.3790.1830); Mon, 28 Aug 2006 12:31:47 +0530
Received: from knuth.india.hp.com ([15.76.101.71]) by BGEEXC02.asiapacific.cpqcorp.net with Microsoft SMTPSVC(6.0.3790.1830); Mon, 28 Aug 2006 12:31:47 +0530
Subject: Re: [tcpm] TCP zero window timeout?
From: "Kuthonuzo Luruo (STSD)" <kuthonuzo.luruo@hp.com>
To: MURALI BASHYAM <murali_bashyam@yahoo.com>
In-Reply-To: <20060826230546.41460.qmail@web31713.mail.mud.yahoo.com>
References: <20060826230546.41460.qmail@web31713.mail.mud.yahoo.com>
Content-Type: text/plain
Date: Mon, 28 Aug 2006 18:02:15 +0530
Message-Id: <1156768336.4600.3.camel@knuth.india.hp.com>
Mime-Version: 1.0
X-Mailer: Evolution 2.6.2
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 28 Aug 2006 07:01:47.0602 (UTC) FILETIME=[D4251B20:01C6CA6F]
X-Spam-Score: 0.1 (/)
X-Scan-Signature: 2857c5c041d6c02d7181d602c22822c8
Cc: tcpm@ietf.org
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
Errors-To: tcpm-bounces@ietf.org

On Sat, 2006-08-26 at 16:05 -0700, MURALI BASHYAM wrote:
> Fernando
> 
> I collaborated with mahesh on this, so let me try
> making the case for it a little better.
> 
> The problem was found on a TCP proxy, which does not
> have any applicaton awareness. In fact application
> awareness is not a goal in that environment. Hence the
> TCP level solution.
> 
> Having said that, i'd say this timeout is in the same
> spirit as the upper bound on the retransmit mechanism
> of TCP. TCP could indefinitely retransmit and have the
> application timeout too, correct? The problem is that
> TCP has a persist state which can potentially exist
> infinitely long  and which lends itself to abuse by a
> malicious peer. Just based purely on this
> consideration, don't you think TCP should have a
> mechanism that reduces the impact of this problem by
> either limiting the number of probes (a la retransmit
> timeout) or the duration. And the application can turn
> it on per connection via a socket option and set a
> value which makes sense for that application, so there
> is per application per connection control anyway.

Several OSes do include a socket option SO_SNDTIMEO, that can be set by
an application to specify the amount of time a transmit function blocks
when flow control prevents the transmission of data. 

-thonuzo

> 
> Murali
> 
> --- Fernando Gont <fernando@gont.com.ar> wrote:
> 
> > At 21:00 25/08/2006, Mahesh Jethanandani wrote:
> > 
> > >The situation I was referring to is a little
> > different and applies 
> > >to persist timer. In our situation the client stops
> > reading data. 
> > >These clients are machines out in the Internet and
> > as such the 
> > >server has no control over their behavior. So while
> > there is 
> > >unacknowledged data, it is not that the client is
> > not acking any 
> > >data. It is responding to the probe but that it
> > continuously 
> > >advertises a window of zero.  There is currently to
> > my knowledge no 
> > >timeout for this state for the server. This can
> > manifest itself as a 
> > >DOS situation if there are several such connections
> > where the server 
> > >is forced to hold data.
> > 
> > I'd argue that this should be handled by an
> > application-level timer.
> > 
> > The problem with the scenario you point out is that
> > there will always 
> > be one more way to do the same thing.
> > 
> > If we're talking about connections wasting
> > resources, there are many 
> > protocols (POP3, SMTP) in which after the initial
> > greeting by the 
> > server, the client is supposed to go ahead. In all
> > those cases, the 
> > client could just sit there. And only an
> > application-layer timeout 
> > would help you.
> > 
> > I'm not sure how many servers implement this type of
> > 
> > application-layer timer. But there are some (Apache)
> > that I have 
> > checked, and do.
> > 
> > Nevertheless, I'm interested in the behaviour you
> > described. Is it 
> > supposed to be malicious activity?
> > 
> > Kindest regards,
> > 
> > --
> > Fernando Gont
> > e-mail: fernando@gont.com.ar || fgont@acm.org
> > PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE
> > A9EF D076 FFF1
> > 
> > 
> > 
> > 
> > > _______________________________________________
> > tcpm mailing list
> > tcpm@ietf.org
> > https://www1.ietf.org/mailman/listinfo/tcpm
> > 
> 
> 
> __________________________________________________
> Do You Yahoo!?
> Tired of spam?  Yahoo! Mail has the best spam protection around 
> http://mail.yahoo.com 
> 
> _______________________________________________
> tcpm mailing list
> tcpm@ietf.org
> https://www1.ietf.org/mailman/listinfo/tcpm


_______________________________________________
tcpm mailing list
tcpm@ietf.org
https://www1.ietf.org/mailman/listinfo/tcpm

v2.23.0 | Report a Bug | By Email