Opened 10 years ago

Last modified 7 years ago

#593 new defect

IP datagram reassembly needs to flush datagrams/fragments after some time

Reported by: Jiri Svoboda Owned by: Jiri Svoboda
Priority: major Milestone:
Component: helenos/net/inet Version: mainline
Keywords: Cc:
Blocker for: Depends on:
See also:


Currently IP datagram reassembly will retain the datagram/fragment records forever if the datagram is not completed and delivered. This leads to increased memory usage over time and could be exploited for a DoS attack.

There needs to be some kind of a timeout mechanism so that old datagrams/fragments are discarded eventually.

Change History (1)

comment:1 by Jiri Svoboda, 7 years ago

Citing RFC 1122 Requirements for Internet Hosts — Communication Layers

         There MUST be a reassembly timeout.  The reassembly timeout
         value SHOULD be a fixed value, not set from the remaining TTL.
         It is recommended that the value lie between 60 seconds and 120
         seconds.  If this timeout expires, the partially-reassembled
         datagram MUST be discarded and an ICMP Time Exceeded message
         sent to the source host (if fragment zero has been received).
Note: See TracTickets for help on using tickets.