TCP session disconnection caused by Code Red?

• Previous message (by thread): TCP session disconnection caused by Code Red?
• Next message (by thread): TCP session disconnection caused by Code Red?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Alex Bligh wrote:

> 1. RFC826 appears to mandate only positive ARP caching. I can't
>    see a reason why negative ARP caching shouldn't work this
>    way:
>
>    Keep only one ARP request in flight at a time. Retry ARPs
>    a maximum of [5] times, separated by at least [1] second.
>    After that, cache non-existance of a h/w address for that
>    IP address for normal positive caching time.

The immediate problem with this is that it requires a *MUCH* larger ARP
cache. Rather than needing enough memory for a couple of thousand active
entries (the current norm for middle-of-the road routers), you need enough
room for every possible address on every attached segment.

[unsubstantiated conjecture] This may be what's killing the cable networks.
If they are making room in the NAS ARP caches for the addresses that are
being probed, then they are making room by flushing the "real" ARP entries,
resulting in a constant flush/load cycle. [/uc, but exemplary of the problem
with negative ARP caching.]

---
Eric A. Hall                                        http://www.ehsco.com/
Internet Core Protocols          http://www.oreilly.com/catalog/coreprot/

• Previous message (by thread): TCP session disconnection caused by Code Red?
• Next message (by thread): TCP session disconnection caused by Code Red?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]