User: Password:
|
|
Subscribe / Log in / New account

TCP Fast Open: expediting web services

TCP Fast Open: expediting web services

Posted Aug 2, 2012 11:28 UTC (Thu) by Los__D (guest, #15263)
In reply to: TCP Fast Open: expediting web services by dan_a
Parent article: TCP Fast Open: expediting web services

But if it is already possible to send data with an normal SYN, and that data gets delivered to the application later, what do you gain from throwing it away when you use TCP Fast Open? If the feature can be used for SYN attacks, they would just do it without Fast Open.

I'm probably missing something, but it doesn't really make sense to me.


(Log in to post comments)

TCP Fast Open: expediting web services

Posted Aug 3, 2012 2:17 UTC (Fri) by butlerm (guest, #13312) [Link]

If I am not mistaken, most modern TCP stacks do not hold data sent with a SYN, and do not send it either. For most applications, there would be relatively little advantage if they did. Requests usually fit in an MTU (or MSS) worth of data, and in the absence of something like TCP Fast Open, the target endpoint has to wait for an acknowledgement that can carry the full sub-MSS sized request without a problem. Where on the other hand, holding the data simply makes it easier to conduct SYN attacks.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds