Re: [tcpm] TCP zero window timeout?
"Kuthonuzo Luruo (STSD)" <kuthonuzo.luruo@hp.com> Mon, 28 August 2006 07:01 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1GHb8B-0007na-AS; Mon, 28 Aug 2006 03:01:59 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GHb8A-0007nQ-HB for tcpm@ietf.org; Mon, 28 Aug 2006 03:01:58 -0400
Received: from bgerelbas02.asiapac.hp.net ([15.219.201.135]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GHb83-0000UQ-Ac for tcpm@ietf.org; Mon, 28 Aug 2006 03:01:58 -0400
Received: from bgeexg12.asiapacific.cpqcorp.net (bgeexg12.asiapacific.cpqcorp.net [16.150.33.62]) by bgerelbas02.asiapac.hp.net (Postfix) with ESMTP id 6159E33088; Mon, 28 Aug 2006 12:31:48 +0530 (IST)
Received: from BGEEXC02.asiapacific.cpqcorp.net ([16.150.33.10]) by bgeexg12.asiapacific.cpqcorp.net with Microsoft SMTPSVC(6.0.3790.1830); Mon, 28 Aug 2006 12:31:47 +0530
Received: from knuth.india.hp.com ([15.76.101.71]) by BGEEXC02.asiapacific.cpqcorp.net with Microsoft SMTPSVC(6.0.3790.1830); Mon, 28 Aug 2006 12:31:47 +0530
Subject: Re: [tcpm] TCP zero window timeout?
From: "Kuthonuzo Luruo (STSD)" <kuthonuzo.luruo@hp.com>
To: MURALI BASHYAM <murali_bashyam@yahoo.com>
In-Reply-To: <20060826230546.41460.qmail@web31713.mail.mud.yahoo.com>
References: <20060826230546.41460.qmail@web31713.mail.mud.yahoo.com>
Content-Type: text/plain
Date: Mon, 28 Aug 2006 18:02:15 +0530
Message-Id: <1156768336.4600.3.camel@knuth.india.hp.com>
Mime-Version: 1.0
X-Mailer: Evolution 2.6.2
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 28 Aug 2006 07:01:47.0602 (UTC) FILETIME=[D4251B20:01C6CA6F]
X-Spam-Score: 0.1 (/)
X-Scan-Signature: 2857c5c041d6c02d7181d602c22822c8
Cc: tcpm@ietf.org
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
Errors-To: tcpm-bounces@ietf.org
On Sat, 2006-08-26 at 16:05 -0700, MURALI BASHYAM wrote: > Fernando > > I collaborated with mahesh on this, so let me try > making the case for it a little better. > > The problem was found on a TCP proxy, which does not > have any applicaton awareness. In fact application > awareness is not a goal in that environment. Hence the > TCP level solution. > > Having said that, i'd say this timeout is in the same > spirit as the upper bound on the retransmit mechanism > of TCP. TCP could indefinitely retransmit and have the > application timeout too, correct? The problem is that > TCP has a persist state which can potentially exist > infinitely long and which lends itself to abuse by a > malicious peer. Just based purely on this > consideration, don't you think TCP should have a > mechanism that reduces the impact of this problem by > either limiting the number of probes (a la retransmit > timeout) or the duration. And the application can turn > it on per connection via a socket option and set a > value which makes sense for that application, so there > is per application per connection control anyway. Several OSes do include a socket option SO_SNDTIMEO, that can be set by an application to specify the amount of time a transmit function blocks when flow control prevents the transmission of data. -thonuzo > > Murali > > --- Fernando Gont <fernando@gont.com.ar> wrote: > > > At 21:00 25/08/2006, Mahesh Jethanandani wrote: > > > > >The situation I was referring to is a little > > different and applies > > >to persist timer. In our situation the client stops > > reading data. > > >These clients are machines out in the Internet and > > as such the > > >server has no control over their behavior. So while > > there is > > >unacknowledged data, it is not that the client is > > not acking any > > >data. It is responding to the probe but that it > > continuously > > >advertises a window of zero. There is currently to > > my knowledge no > > >timeout for this state for the server. This can > > manifest itself as a > > >DOS situation if there are several such connections > > where the server > > >is forced to hold data. > > > > I'd argue that this should be handled by an > > application-level timer. > > > > The problem with the scenario you point out is that > > there will always > > be one more way to do the same thing. > > > > If we're talking about connections wasting > > resources, there are many > > protocols (POP3, SMTP) in which after the initial > > greeting by the > > server, the client is supposed to go ahead. In all > > those cases, the > > client could just sit there. And only an > > application-layer timeout > > would help you. > > > > I'm not sure how many servers implement this type of > > > > application-layer timer. But there are some (Apache) > > that I have > > checked, and do. > > > > Nevertheless, I'm interested in the behaviour you > > described. Is it > > supposed to be malicious activity? > > > > Kindest regards, > > > > -- > > Fernando Gont > > e-mail: fernando@gont.com.ar || fgont@acm.org > > PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE > > A9EF D076 FFF1 > > > > > > > > > > > _______________________________________________ > > tcpm mailing list > > tcpm@ietf.org > > https://www1.ietf.org/mailman/listinfo/tcpm > > > > > __________________________________________________ > Do You Yahoo!? > Tired of spam? Yahoo! Mail has the best spam protection around > http://mail.yahoo.com > > _______________________________________________ > tcpm mailing list > tcpm@ietf.org > https://www1.ietf.org/mailman/listinfo/tcpm _______________________________________________ tcpm mailing list tcpm@ietf.org https://www1.ietf.org/mailman/listinfo/tcpm
- [tcpm] TCP zero window timeout? Mahesh Jethanandani
- RE: [tcpm] TCP zero window timeout? Mahdavi, Jamshid
- RE: [tcpm] TCP zero window timeout? Fernando Gont
- Re: [tcpm] TCP zero window timeout? Mahesh Jethanandani
- Re: [tcpm] TCP zero window timeout? Joe Touch
- Re: [tcpm] TCP zero window timeout? Fernando Gont
- Re: [tcpm] TCP zero window timeout? MURALI BASHYAM
- RE: [tcpm] TCP zero window timeout? Anantha Ramaiah (ananth)
- Re: [tcpm] TCP zero window timeout? Joe Touch
- Re: [tcpm] TCP zero window timeout? Kuthonuzo Luruo (STSD)
- Re: [tcpm] TCP zero window timeout? Ted Faber
- Re: [tcpm] TCP zero window timeout? Fernando Gont
- Re: [tcpm] TCP zero window timeout? MURALI BASHYAM
- Re: [tcpm] TCP zero window timeout? MURALI BASHYAM
- Re: [tcpm] TCP zero window timeout? Mahesh Jethanandani
- RE: [tcpm] TCP zero window timeout? Caitlin Bestler
- RE: [tcpm] TCP zero window timeout? MURALI BASHYAM
- Re: [tcpm] TCP zero window timeout? Fernando Gont
- Re: [tcpm] TCP zero window timeout? Ted Faber
- Re: [tcpm] TCP zero window timeout? MURALI BASHYAM
- RE: [tcpm] TCP zero window timeout? Caitlin Bestler
- Re: [tcpm] TCP zero window timeout? John Heffner
- RE: [tcpm] TCP zero window timeout? MURALI BASHYAM
- RE: [tcpm] TCP zero window timeout? Caitlin Bestler
- Re: [tcpm] TCP zero window timeout? Mahesh Jethanandani
- Re: [tcpm] TCP zero window timeout? Joe Touch
- Re: [tcpm] TCP zero window timeout? Ted Faber
- Re: [tcpm] TCP zero window timeout? Joe Touch
- Re: [tcpm] TCP zero window timeout? Ted Faber
- Re: [tcpm] TCP zero window timeout? Joe Touch
- Re: [tcpm] TCP zero window timeout? Ted Faber
- Re: [tcpm] TCP zero window timeout? Ted Faber