IETF-SSH archive


RE: Timers and Timeouts in the SSH Transport Protocol



Thanks for your reply.

Based on your experience, what do you think the default
timeout should be?

Moreover, I do agree with your remark about the
retransmission and TCP/IP. However, please notice that in 
numerous telecommunications protocols, messages are retransmitted 
although a reliable transport level is used.
Example: H.323/H.225.
		The H.225 uses a TCP connection, however, several
		messages (e.g. SETUP) are retransmitted after a 
		timer T expires, regardless of the TCP protocol.

Cheers,
Dan
-----Original Message-----
From: Simon Tatham [mailto:anakin%pobox.com@localhost]
Sent: Tuesday, July 02, 2002 5:36 PM
To: ietf-ssh%netbsd.org@localhost
Subject: Re: Timers and Timeouts in the SSH Transport Protocol


Dan Davidson  <dan.davidson%commatch.com@localhost> wrote:
> 	- A TCP/IP connection on port 22 was set up.
> 	- The server sent the identification string
> 		"SSH-protoversion-softwareversion" but didn't
> 		receive such a message/string from the remote side.
> 
> Should there be a re-transmission ? 
> Should the connection be disconnected after a T timeout
> 	- What is the timer length ?

There certainly shouldn't be a retransmission! That's what TCP is
for - it will retransmit it _anyway_ until it either gets an ACK
from the client's TCP layer, and if the client fails to see it after
that then no more retransmissions are likely to help.

The server probably should disconnect after a while, because if it
doesn't then a DoS attack becomes possible. I wouldn't have thought
it was necessary to specify that timeout precisely in the protocol
definition, though; it's up to individual server maintainers. If you
find you're getting a lot of hanging connections, reduce the
timeout; if you find a lot of users are complaining that your server
cuts them off before they can send anything, increase it.
-- 
Simon Tatham         "Selfless? I'm so selfless I
<anakin%pobox.com@localhost>    don't even know who I am."
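
An added example, not part of either message in this thread: one way a server could bound the wait for the client's identification string, using a single overall deadline so that a peer trickling one byte at a time cannot hold the connection open. The 10-second default and the names `read_ident`, `serve_one` and `IdentTimeout` are assumptions made for illustration.

```python
import socket
import time

IDENT_TIMEOUT = 10.0  # assumed default; the thread leaves the value to each server operator
MAX_IDENT_LEN = 255   # RFC 4253 section 4.2: maximum length including CR LF

class IdentTimeout(Exception):
    """Peer did not finish its identification string before the deadline."""

def read_ident(conn, timeout=IDENT_TIMEOUT):
    """Return the peer's identification string or raise; one deadline covers all reads."""
    deadline = time.monotonic() + timeout
    buf = b""
    while b"\n" not in buf:
        remaining = deadline - time.monotonic()
        if remaining <= 0:
            raise IdentTimeout("deadline passed")
        if len(buf) >= MAX_IDENT_LEN:
            raise ValueError("identification string too long")
        conn.settimeout(remaining)  # shrinking budget, so trickled bytes cannot extend it
        try:
            chunk = conn.recv(MAX_IDENT_LEN - len(buf))
        except socket.timeout:
            raise IdentTimeout("deadline passed") from None
        if not chunk:
            raise ConnectionError("peer closed before identifying")
        buf += chunk
    # Bytes after the newline belong to the next protocol stage; a real server keeps them.
    line = buf.split(b"\n", 1)[0].rstrip(b"\r")
    if not line.startswith(b"SSH-"):
        raise ValueError("not an SSH identification string")
    return line.decode("ascii", "replace")

def serve_one(conn, timeout=IDENT_TIMEOUT):
    """Send our banner once (no retransmission), then wait; close on any failure."""
    try:
        conn.sendall(b"SSH-2.0-example_server\r\n")  # constructed banner
        return read_ident(conn, timeout)
    except (IdentTimeout, ValueError, OSError):
        conn.close()  # free the slot held by a silent or misbehaving peer
        return None
```

Lowering or raising `timeout` is the tuning knob described above: shorter frees hanging connections sooner, longer tolerates slow clients.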


