Fork us on GitHub Follow us on Google+ Follow us on Facebook Follow us on Twitter

Opened 5 years ago

Last modified 17 months ago

#593 new defect

IP datagram reassembly needs to flush datagrams/fragments after some time

Reported by: Jiri Svoboda Owned by: Jiri Svoboda
Priority: major Milestone:
Component: helenos/net/inet Version: mainline
Keywords: Cc:
Blocker for: Depends on:
See also:

Description

Currently IP datagram reassembly will retain the datagram/fragment records forever if the datagram is not completed and delivered. This leads to increased memory usage over time and could be exploited for a DoS attack.

There needs to be some kind of a timeout mechanism so that old datagrams/fragments are discarded eventually.

Change History (1)

comment:1 Changed 17 months ago by Jiri Svoboda

Citing RFC 1122 Requirements for Internet Hosts — Communication Layers

         There MUST be a reassembly timeout.  The reassembly timeout
         value SHOULD be a fixed value, not set from the remaining TTL.
         It is recommended that the value lie between 60 seconds and 120
         seconds.  If this timeout expires, the partially-reassembled
         datagram MUST be discarded and an ICMP Time Exceeded message
         sent to the source host (if fragment zero has been received).
Note: See TracTickets for help on using tickets.