Re: [squid-users] squid do the inverse of what it should do !!!!!!!!!!! help !!!!!!!!!

From: Henrik Nordstrom <henrik@dont-contact.us>
Date: Mon, 27 Aug 2007 22:51:47 +0200

On mån, 2007-08-27 at 16:30 -0300, Michel Santos wrote:

> just curious, how an interface would do that?

Can be many reasons to why a network duplicates packets..

> Other reason as tcp retransmission timeout exceedings (which BTW would
> resend one or another package not all) I can not even imagin a reason for
> that other as an malicious attack (syn flood) because under normal
> circunstancies the package sender *will_not* try retransmission endless
> but mark the target unreachable

retransmits is done by the endpoints only. Packet duplication may occur
at any router or switch hop either due to a hardware/software error, or
malconfiguraiton.

> I guess squid would not get such packages at all but should be discarted
> by your router at layer 3 or by your OS at layer 4 level where are checked
> tcp flags and sequence numbers before they go to the application layer.

It's silently discarded by the TCP stack on the receiving host. Routers
and even firewalls forward them as it looks just like a retransmit..

Regards
Henrik

Received on Mon Aug 27 2007 - 14:51:55 MDT

This archive was generated by hypermail pre-2.1.9 : Sat Sep 01 2007 - 12:00:03 MDT