Re: [tcpm] New I-D

Mark Allman <> Tue, 20 February 2007 18:11 UTC

Received: from [] ( by with esmtp (Exim 4.43) id 1HJZSF-0006qQ-Oc; Tue, 20 Feb 2007 13:11:07 -0500
Received: from [] ( by with esmtp (Exim 4.43) id 1HJZSE-0006oo-63 for; Tue, 20 Feb 2007 13:11:06 -0500
Received: from ([]) by with esmtp (Exim 4.43) id 1HJZSA-0001TH-P5 for; Tue, 20 Feb 2007 13:11:06 -0500
Received: from ( []) by pork.ICSI.Berkeley.EDU ( with ESMTP id l1KIAoKp019480; Tue, 20 Feb 2007 10:10:51 -0800
Received: from ( []) by (Postfix) with ESMTP id 5658D7F0A87; Tue, 20 Feb 2007 13:10:45 -0500 (EST)
Received: from (localhost []) by (Postfix) with ESMTP id 9EAFC181B80; Tue, 20 Feb 2007 13:10:23 -0500 (EST)
From: Mark Allman <>
Subject: Re: [tcpm] New I-D
In-Reply-To: <>
Organization: ICSI Center for Internet Research (ICIR)
Song-of-the-Day: Cocaine
MIME-Version: 1.0
Date: Tue, 20 Feb 2007 13:10:23 -0500
Message-Id: <>
X-Spam-Score: 0.1 (/)
X-Scan-Signature: 52f7a77164458f8c7b36b66787c853da
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <>
List-Unsubscribe: <>, <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
Content-Type: multipart/mixed; boundary="===============1324962680=="


> [...] but it looks to me like this is more of an OS mechanism to
> manage resources rather than a protocol-based mechanism.  Is this
> correct? 

I'm with Wes here.

I just took a spin through the draft and am left with three thoughts ...

  + You say apps don't have a good role to play even after citing apps
    that 'pause' as the culprit.  I can't make these things agree in my
    head.  Even in the absence of TCP-specific information it seems that
    these apps could time themselves out if no progress is being made
    (i.e. data getting exchanged).

    (Further, things like HTTP sends after which the app goes away and
    then getting wedged into persist don't worry me much.  That sounds
    like a once in a blue moon sort of situation to me.)

  + This seems fundamentally like an operating system resource issue to
    me and not something for a networking standards body.  OSes deal
    with all sorts of resource contention issues without standards.  Why
    does this problem need to be solved the same way by each OS?

  + In particular, I think you have solved the problem wrong.  Don't get
    me wrong ... maybe it is perfectly OK for your purposes and it is
    fine with me if you want to use it.  However, I would want something
    a little smarter to really avoid the mythical attacks you describe.
    All you did was to cap the length of connections.  So, conceivably a
    periodic attack could still keep all your resources busy.  It seems
    to me that you'd want to use some sort of scheme that actually took
    into account contention and resource exhaustion.  E.g., some sort of
    LRU what-has-been-in-persist longest when you need new resources and
    they are not available sort of culling scheme?  Or, when you have
    exhausted X% of your resources to keep some in reserve.  That might
    be wrong and busted itself (it is quickly off the top of my head),
    but it at least takes into account the resource contention unlike a
    naive timeout.

Just my two bits ...


tcpm mailing list