Destination Metrics
Repacketization
When TCP times out and retransmits, it does not have to retransmit the identi- cal segment.
Instead, TCP is allowed to perform repacketization, sending a bigger segment, which can increase performance. (Naturally, this bigger segment cannot exceed the MSS announced by the receiver and should not exceed the path MTU.)
This is allowed in the protocol because TCP identifies the data being sent and acknowledged by its byte number, not its segment (or packet) number.
Attacks Involving TCP Retransmission
There is a class of DoS attack called low-rate DoS attacks [KK03].
In such an attack, an attacker sends bursts of traffic to a gateway or host, causing the victim sys- tem to experience a retransmission timeout.
Given an ability to predict when the victim TCP will attempt to retransmit, the attacker generates a burst of traffic at each retransmission attempt.
As a consequence, the victim TCP perceives conges- tion in the network, throttles its sending rate to near zero, keeps backing off its RTO according to Karn’s algorithm, and effectively receives very little network throughput.
The proposed mechanism to deal with this type of attack is to add randomization to the RTO, making it difficult for the attacker to guess the precise times when a retransmission will take place.
Summary