back to article Jumbo bug crashes Cisco anti-hacker appliances

Security appliances from Cisco can crash when handling Jumbo Ethernet frames, the networking giant warned on Wednesday. Cisco has published a software patch designed to address a denial of service vulnerability in its Intrusion Prevention System (IPS) appliances. IPS systems are designed to block common hacker attacks and …

COMMENTS

This topic is closed for new posts.

do

Bamboo Bats scare them even more?

a flying mammal the size of a bumblebee attacking a pachiderm with multiple phobia problems would be entertaining. more so than your average Disney output..

0
0
Boffin

Jumbos not just for LANs

Jumbo frames are not restricted to LANs. Exactly the same efficiencies are needed if you are transferring data across the globe. Every long-haul academic network (JANET, GEANT, Internet2, CANARIE, AARNet) uses jumbo frames so that large research data transfers can be done efficiently.

As more commercial applications move bulk data around the globe (eg, for movie production) you'll see commercial ISPs offering jumbo frames too.

For the next generation of equipment at 10Gbps the Mathis, et al formula means that raising MTU is the simplest engineering response to the formula's limits to TCP performance. Thus super jumbo frames of 64KB at 10Gbps.

For your amusement the more complicated engineering alternatives are to re-lay the fiber infrastructure with lower loss cable and transmission equipment (which in turn means less bandwidth, as there's a trade-off between loss and bandwidth), increase the speed of light in fiber (which again means replacement of the globe's fiber plant), or reducing the diameter of the globe.

The BOFH -- who's always on the lookout for a bridge to sell to tourists -- could put together a proposal to VCs to drill a fiber conduit through the centre of the world. This would reduce the inter-continental distance to about a third (actually, by 1/pi). Networks are constrained by latency these days (as most connections never get out of TCP slow start) so routing traffic down the pi-way would improve network performance considerably. If the BOFH gets this funded I'd like my share in Guinness.

0
0

superjumbo frame loss & resend??

oooh...

Some people must be hauling stupendously ginormous warehouse-fulls of data if they can contemplate configuring their compoopers to ask for a resend after someone else's infrastructure accidentally mislays 64kilobits (or is that kbytes?) a pop

0
0
Silver badge

Elephants are not scared witless by mice...

... but Mythbusters demonstrated that they *do* shy away from them!

0
0
Joke

Not 1/pi

pi is the ratio of diameter to *circumference*, therefore drilling through the centre of the earth would result in a cable about 2/3 the length, not 1/3.

Moreover, that would only be the case for, for instance, UK -> New Zealand fibre. Cable length from UK to the East coast of the US would only be reduced to about 95% by going directly through the earth, which isn't really worth the effort (although it's probably a lot easier to get through than all the molten stuff in the core).

Oliver.

0
0
Alien

mice...

BTW they like chocolate more than cheese

0
0
This topic is closed for new posts.

Forums