[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[lwip-devel] [bug #39565] Server "ddosed" by PCBs in LAST_ACK state
|
From: |
Roman Trunov |
|
Subject: |
[lwip-devel] [bug #39565] Server "ddosed" by PCBs in LAST_ACK state |
|
Date: |
Thu, 25 Jul 2013 09:43:19 +0000 |
|
User-agent: |
Mozilla/5.0 (Windows; U; Windows NT 5.0; ru; rv:1.9.0.19) Gecko/2010031422 Firefox/3.0.19 |
URL:
<http://savannah.nongnu.org/bugs/?39565>
Summary: Server "ddosed" by PCBs in LAST_ACK state
Project: lwIP - A Lightweight TCP/IP stack
Submitted by: thestream
Submitted on: Thu 25 Jul 2013 09:43:18 AM GMT
Category: TCP
Severity: 3 - Normal
Item Group: Change Request
Status: None
Privacy: Public
Assigned to: None
Open/Closed: Open
Discussion Lock: Any
Planned Release:
lwIP version: 1.4.1
_______________________________________________________
Details:
Our device is a server which suddenly stopped responding. LWIP on the device
was configured for 10 PCBs for incoming connections. We found that all 10 PCBs
were active in "LAST_ACK" state, so no more incoming connections could be
accepted.
Regardless of the reason caused last ACK to be lost (e.g. improperly
configured NAT/firewall on the way), bad thing is that server becomes
completely blocked for 120 seconds (default TCP_MSL * 2) until one of PCBs
expires.
Although I could make some kind of workaround by reducing TCP_MSL to e.g. 5
seconds, I suggest to implement more aggressive strategy for PCB allocation -
reuse LAST_ACK PCBs in the similar way like we already handling TIME_WAIT
pcbs.
_______________________________________________________
Reply to this item at:
<http://savannah.nongnu.org/bugs/?39565>
_______________________________________________
Message sent via/by Savannah
http://savannah.nongnu.org/
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [lwip-devel] [bug #39565] Server "ddosed" by PCBs in LAST_ACK state,
Roman Trunov <=