Translated from: http://blog.chinaunix.net/uid-20225489-id-3066379.html
In RFC1323 about using the timestamp option to achieve paws function, there is a possible problem: to prevent the mechanism of paws, more or less oneself also vulnerable to wraparound attack (also can be said to overflow, and wraparound said is a meaning, But the wraparound should be accurate, not actually a 32-bit value reached 0xFFFFFFFF, the next becomes 0, but a number a, another number B, and the initial case of B>a, but when the constant to B plus 1, suddenly, b<a, then , we'll say wraparound). Due to some restrictions on the system, for timers and other similar operations, in order to avoid being affected by user modifications (or protocols such as NTP), always choose a mechanism that is not calendar time to measure. Most systems choose a tool like tick, and the tick of 32 systems is easy to wraparound (Hz, the 1000 system, will be wraparound after 24.8 days, the general use of the Hz 100 system, it will be 248 days later also wraparound, although it sounds like a long time, but for some carrier-grade products, easy to cross this threshold. The mechanism used to prevent timestamp is exactly the same, including problems with VxWorks and BSD systems, so the mechanism used to prevent timestamp wraparound may also be wraparound in such a system.
RFC1323 Timestamp Paws's Realization Trap