TCP time_wait and port exhaustion for servers

David Conrad drc at
Wed Dec 5 23:08:33 UTC 2012

On Dec 5, 2012, at 2:06 PM, Fred Baker (fred) <fred at> wrote:
> If you want to get into software rewriting, the simplest thing I might come up with would be to put TCBs in some form of LRU list and, at a point where you need a port back, close the TCB that least recently did anything. My understanding is that this was implemented 15 years ago to manage SYN attacks, and could be built on to manage this form of "attack".

I can say for certain that it was implemented (at least) twice that long ago (circa 1983) in a TCP implementation for a particular memory constrained environment ("640K should be good enough for anybody") :).


More information about the NANOG mailing list