码迷,mamicode.com
首页 > 其他好文 > 详细

TCP Timeout and Retransmission(5)

时间:2018-10-06 17:53:46      阅读:172      评论:0      收藏:0      [点我收藏+]

标签:ack   packet   sed   when   UNC   inf   pack   instead   send   

Destination Metrics 

技术分享图片

 

Repacketization 

When TCP times out and retransmits, it does not have to retransmit the identi- cal segment.

Instead, TCP is allowed to perform repacketization, sending a bigger segment, which can increase performance. (Naturally, this bigger segment cannot exceed the MSS announced by the receiver and should not exceed the path MTU.)

This is allowed in the protocol because TCP identifies the data being sent and acknowledged by its byte number, not its segment (or packet) number. 

 

Attacks Involving TCP Retransmission 

There is a class of DoS attack called low-rate DoS attacks [KK03].

In such an attack, an attacker sends bursts of traffic to a gateway or host, causing the victim sys- tem to experience a retransmission timeout.

Given an ability to predict when the victim TCP will attempt to retransmit, the attacker generates a burst of traffic at each retransmission attempt.

As a consequence, the victim TCP perceives conges- tion in the network, throttles its sending rate to near zero, keeps backing off its RTO according to Karn’s algorithm, and effectively receives very little network throughput.

The proposed mechanism to deal with this type of attack is to add randomization to the RTO, making it difficult for the attacker to guess the precise times when a retransmission will take place. 

 

Summary

 

 

TCP Timeout and Retransmission(5)

标签:ack   packet   sed   when   UNC   inf   pack   instead   send   

原文地址:https://www.cnblogs.com/geeklove01/p/9747763.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!