TCP RST flood
RST packets forcibly reset connections. A flood can disrupt established sessions and test how quickly infrastructure recovers.
How it works
- RST aborts TCP sessions immediately.
- Edge devices must process and propagate resets.
- Useful to test session persistence and retry logic.
Packet flow (illustrative)
Engarde node Target
→TCP [FIN|RST|PSH]flag flood
→TCP flag segment× N
Connection state churn ↑
Illustrative flow — not a live capture.
Flag RST
Engarde TCP RST
Layer L4
What to watch in Engarde
- Session drop rate on load balancers.
- Client retry storms after mass RST.
Running this simulation
Run TCP RST simulation on staging; compare Target Monitor during and after End test.
Mitigation perspective
Ensure RST handling limits exist; validate failover and session re-establishment.