DDoSPedia is a glossary that focuses on network and
application security terms with many distributed
definitions. It provides a central place for hard to find web-scattered
definitions on DDoS attacks.
The TCP Window is a buffer that contains a copy of all the packets sent out by a device in case any of the packets are lost in transit (in which case they can be replaced using this buffer and resent minimizing packet loss). As a result, the TCP Window should be large enough to hold a copy of all packets still in transit; otherwise, network traffic will be severely throttled. The other extreme, is a large TCP window that can consume a significant amount of memory on a device.
The most optimal TCP Window size can be approximated using the equation Window Size (in bytes) = Bandwidth (in bit/s) * Round Trip Time (In sec) / 8. Since TCP does not know how much memory to reserve for the TCP Window, most operating systems have the ability to dynamically resize TCP Windows for each network connection. For a 20 Mb/s downstream 1 Mb/s upstream link and a max round trip time of 250 ms (fairly average), the maximum receive window size should be about 625 KB and the maximum send window size should be about 32 KB.