Service provider story about tracking down TCP RSTs

Bjørn Mork bjorn at
Sun Sep 2 10:06:24 UTC 2018

William Herrin <bill at> writes:

> BTW, for anyone concerned about an explosion in state management
> overhead, the TL;DR version is: the anycast node which first accepts
> the TCP connection encodes its identity in the TCP sequence number
> where all the other nodes can statelessly find it in the subsequent
> packets.

I didn't see a security section in your document.  Did you consider the
side effects of this sequence number abuse?


More information about the NANOG mailing list