有没有人使用UDP jumbograms实现解决方案? [英] Has anyone implemented a solution using UDP jumbograms?
问题描述
我最近了解了Jumbograms(UDP数据包> 65k-仅IPv6).尽管我不需要使用它们,但我想我还是会四处看看,看看人们是如何做的很聪明的.
我很惊讶地发现除了技术文档协议之外没有什么.
那么有没有人使用过它们?
它们是否比UDP可靠,因为它们更大?
他们支持哪种语言/软件/硬件?
您的经历是什么?
欢呼
Linux包含支持,因为针对它记录了一个漏洞:
受影响的系统
Linux Linux内核:2.6.21,Linux Linux内核:2.6.20,Linux Linux 内核:2.6.2,Linux内核:2.6.2 rc3,Linux内核:2.6.2 rc2,Linux 内核:2.6.2 rc1,Linux Linux内核:2.6.20.1,Linux Linux内核: 2.6.20.10,Linux Linux内核:2.6.20.11,Linux Linux内核:2.6.20.12,Linux Linux内核:2.6.20.13,Linux Linux内核:2.6.20.14,Linux Linux内核:2.6.20.2,Linux Linux内核:2.6. 20.3,Linux Linux内核:2.6.20.4,Linux Linux内核:2.6.20.5,Linux Linux内核:2.6.20.8,Linux Linux内核:2.6.20.9,Linux Linux 内核:2.6.21.1,Linux内核:2.6.20 rc2,Linux Linux内核: 2.6.20.15,Linux Linux内核:2.6.20.6,Linux Linux内核:2.6.20.7,Linux内核:2.6.21 git1,Linux内核:2.6.21 git2,Linux内核: 2.6.21 git3,Linux内核:2.6.21 git4,Linux内核:2.6.21 git5,Linux内核:2.6.21 git6,Linux内核:2.6.21 git7
http://www.iss.net/security_center/reference/vuln/IPv6_Linux_Jumbogram_DoS.htm
分片的数据包本质上是不可靠的,并且DoS容易产生,因为必须保留资源,直到完整的序列可以提供给使用中的应用程序为止.
请注意,在IPv4中,您可以从网络中读取单个片段,IPv6强制IP堆栈仅显示完全重构的有效负载.
I've recently learned about jumbograms (UDP packets > 65k - IPv6 only). Although I have no requirement to use them I thought I'd dig around and see how people had done anything clever.
I was surprised to find very little other than technical documentation protocol.
So has anyone used them and if so how?
Are they less reliable than UDP because they're larger?
Which language / software / hardware supported them?
What was your experience?
Cheers
Linux includes support as there is a vulnerability logged against it:
Systems affected
Linux Linux Kernel: 2.6.21, Linux Linux Kernel: 2.6.20, Linux Linux Kernel: 2.6.2, Linux Kernel: 2.6.2 rc3, Linux Kernel: 2.6.2 rc2, Linux Kernel: 2.6.2 rc1, Linux Linux Kernel: 2.6.20.1, Linux Linux Kernel: 2.6.20.10, Linux Linux Kernel: 2.6.20.11, Linux Linux Kernel: 2.6.20.12, Linux Linux Kernel: 2.6.20.13, Linux Linux Kernel: 2.6.20.14, Linux Linux Kernel: 2.6.20.2, Linux Linux Kernel: 2.6.20.3, Linux Linux Kernel: 2.6.20.4, Linux Linux Kernel: 2.6.20.5, Linux Linux Kernel: 2.6.20.8, Linux Linux Kernel: 2.6.20.9, Linux Linux Kernel: 2.6.21.1, Linux Kernel: 2.6.20 rc2, Linux Linux Kernel: 2.6.20.15, Linux Linux Kernel: 2.6.20.6, Linux Linux Kernel: 2.6.20.7, Linux Kernel: 2.6.21 git1, Linux Kernel: 2.6.21 git2, Linux Kernel: 2.6.21 git3, Linux Kernel: 2.6.21 git4, Linux Kernel: 2.6.21 git5, Linux Kernel: 2.6.21 git6, Linux Kernel: 2.6.21 git7
http://www.iss.net/security_center/reference/vuln/IPv6_Linux_Jumbogram_DoS.htm
Fragmented packets are inherently unreliable and DoS prone as resources have to be reserved until the full sequence is available to present to the consuming applications.
Note in IPv4 you could read individual fragments from the wire, IPv6 enforces the IP stack to only present fully reconstructed payloads.
这篇关于有没有人使用UDP jumbograms实现解决方案?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
