The current values are the only "safe" defaults. Here "safe" means
that if you have thousands of web connections, clients cannot force
the serve to queue large amounts of traffic per socket.
The attack goes something like: Open N thousand connections to
server, ask for large static object, do not ACK any of the data
packets. Server must thus hold onto N thousnad * maximum socket
write buffer bytes amount of memory.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/