Posted Apr 10, 2008 23:40 UTC (Thu) by jzbiciak (✭ supporter ✭, #5246)
Parent article: Improving syncookies
If I understood correctly, we have a dozen or so bits in the syncookie to store TCP options. Right now, the options are being stored with an ad hoc encoding that doesn't evolve.

Syncookies only kick in when there's a certain connection backlog, and so represent a graceful failure strategy. As a result, most connections are legitimate, and the kernel could keep some statistics on what option sets are "popular" among legitimate connections. From this, it could build a table with the "N" most popular option sets, in essence defining an ad hoc encoding rather than a rigorous encoding. Such an ad hoc encoding would evolve as protocols

Within 12 bits, we can represent 4096 such sets. Even if an option set required 64 bits (8 bytes) (that's including its "popularity histogram"), that's only 32K of storage. If we reserve some subset of these as "static", for mapping connections onto when syncookies are enabled and there's no perfect match, then we have a graceful fallback mechanism that also evolves. You'd probably need some additional storage to keep track of "most popular recent misses" to allow new entries to climb their way into the table.

Since I suspect there's strong correlation between certain feature combinations, I imagine such a table will be fairly stable most of the time.

Or is this too crazy?
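The following is an added illustration of the scheme the comment sketches, not the commenter's code and not anything from the Linux syncookie implementation: a 4096-entry table of TCP option sets addressed by a 12-bit cookie field, a few "static" entries that are never evicted and serve as the fallback when no exact match exists, and a small "recent misses" tracker that lets a new option set climb into the table once legitimate connections have presented it often enough. The option-set fields, the fallback sets, the promotion threshold and the miss-slot count are all assumptions chosen for the example.

```c
/* Added example of a self-evolving option-set table for syncookies.
 * Hypothetical design; not kernel code. */
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#define CODE_BITS  12
#define TABLE_SIZE (1u << CODE_BITS)   /* 4096 encodable option sets */
#define NUM_STATIC 4                    /* codes 0..3: fixed fallback sets */
#define MISS_SLOTS 16                   /* "most popular recent misses" */
#define PROMOTE_AT 3                    /* misses needed to enter the table */

struct optset {                         /* assumed set of negotiable options */
    uint16_t mss;      /* advertised MSS */
    uint8_t  wscale;   /* window-scale shift */
    bool     sack_ok;  /* SACK permitted */
    bool     tstamp;   /* timestamps */
};

struct entry { struct optset opts; uint32_t count; bool valid; };

static struct entry table[TABLE_SIZE];  /* 16 bytes/entry on common ABIs: 64K */
static struct entry misses[MISS_SLOTS];

static bool same(const struct optset *a, const struct optset *b)
{
    return a->mss == b->mss && a->wscale == b->wscale &&
           a->sack_ok == b->sack_ok && a->tstamp == b->tstamp;
}

/* Install the static fallback sets, ordered from least to most capable. */
void table_init(void)
{
    static const struct optset fallback[NUM_STATIC] = {
        { 536,  0, false, false },
        { 1460, 0, false, false },
        { 1460, 7, true,  false },
        { 1460, 7, true,  true  },
    };
    memset(table, 0, sizeof table);
    memset(misses, 0, sizeof misses);
    for (unsigned i = 0; i < NUM_STATIC; i++) {
        table[i].opts  = fallback[i];
        table[i].valid = true;
    }
}

static int find_exact(const struct optset *o)
{
    for (unsigned i = 0; i < TABLE_SIZE; i++)
        if (table[i].valid && same(&table[i].opts, o))
            return (int)i;
    return -1;
}

/* No exact match: pick the most capable static set that promises nothing
 * the peer did not offer (a cookie cannot negotiate upward). */
static int find_fallback(const struct optset *o)
{
    int best = 0;                       /* code 0 is always safe */
    for (unsigned i = 1; i < NUM_STATIC; i++) {
        const struct optset *s = &table[i].opts;
        if (s->mss <= o->mss && s->wscale <= o->wscale &&
            (!s->sack_ok || o->sack_ok) && (!s->tstamp || o->tstamp))
            best = (int)i;
    }
    return best;
}

/* Encode the peer's option set into the CODE_BITS-bit cookie field. */
unsigned encode_opts(const struct optset *o)
{
    int idx = find_exact(o);
    return (unsigned)(idx >= 0 ? idx : find_fallback(o)) & (TABLE_SIZE - 1);
}

/* Recover the option set from the cookie field; unknown codes degrade to 0. */
struct optset decode_opts(unsigned code)
{
    code &= TABLE_SIZE - 1;
    return table[code].valid ? table[code].opts : table[0].opts;
}

/* Least popular evictable entry, or the first empty one. */
static unsigned pick_victim(void)
{
    unsigned v = NUM_STATIC;
    for (unsigned i = NUM_STATIC; i < TABLE_SIZE; i++) {
        if (!table[i].valid) return i;
        if (table[i].count < table[v].count) v = i;
    }
    return v;
}

/* Learn from a legitimate (non-syncookie) connection: bump the entry's
 * popularity, or count the miss and promote the set once it is seen often. */
void table_observe(const struct optset *o)
{
    int idx = find_exact(o);
    if (idx >= 0) { table[idx].count++; return; }

    int slot = -1, lru = 0;
    for (unsigned i = 0; i < MISS_SLOTS; i++) {
        if (misses[i].valid && same(&misses[i].opts, o)) { slot = (int)i; break; }
        if (!misses[i].valid || misses[i].count < misses[lru].count) lru = (int)i;
    }
    if (slot < 0) {                     /* new miss: evict the least-seen one */
        slot = lru;
        misses[slot] = (struct entry){ *o, 0, true };
    }
    if (++misses[slot].count < PROMOTE_AT) return;
    unsigned v = pick_victim();         /* promote into the dynamic region */
    table[v] = (struct entry){ *o, misses[slot].count, true };
    misses[slot].valid = false;
}
```

The fallback rule is the security-relevant detail: when a SYN arrives under syncookie load with an option set the table does not know, the cookie must encode a set that only downgrades what the peer offered, since the server has no state in which to remember the real values. The static entries are ordered so that the loop keeps the last safe one, which is the most capable.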