2. SYN Cookie: Operation
Introduction
As concluded in the last article, in order to avoid allocating space for TCB, the attacked device needs to reject TCP SYN packets sent by clients. In this article I will explain ho...
Updated Feb 14, 2025
Version 4.0
Javier_Velasco
Employee
EmployeeJavier_VelascoEmployee
Employee
Dan_Pacheco
Cirrus
CirrusThanks for the excellent explanation. Does the VS type have an affect? I am under the impression for a standard VS type, the 3WHS needs to complete with the client before a SYN is sent to the pool member, so the above explanation aligns perfectly.
But for a Performance L4 VS, it passed the SYN to the server before completing the 3WHS. https://support.f5.com/csp/article/K8082
Does this mean that we negate the benefits of SYN cookie when using a perf L4 a VS type?