Service provider story about tracking down TCP RSTs

Bjørn Mork bjorn at mork.no
Sun Sep 2 10:06:24 UTC 2018


William Herrin <bill at herrin.us> writes:

> BTW, for anyone concerned about an explosion in state management
> overhead, the TL;DR version is: the anycast node which first accepts
> the TCP connection encodes its identity in the TCP sequence number
> where all the other nodes can statelessly find it in the subsequent
> packets.

I didn't see a security section in your document.  Did you consider the
side effects of this sequence number abuse?


Bjørn

