On 8/21/15, Mike Perry <mikeperry@torproject.org> wrote:
> ... What I really need now is any examples of common routers that have a default inactive/idle timeout below 10s, or allow you to set it below 10s. So far I have not found any.
i recall a switch vendor that used an overflow condition to trim timeouts lower, but this is different from a hard, low limit by configuration.
i'll see what i can dig up...
best regards,
P.S. flow tracking systems always make me point at c++ & scapy userspace driven raw injection around massive flow sybils as retort in their raw take and analytics. most efficient state representation of TCP behavior in memory? it's a fun challenge :P
[ P.P.S. this may just crash your in-path, rather than DoS. keep a backup route! ]