On Fri, Mar 25, 2011 at 04:39:29PM -0700, Ethan Jackson wrote: > This will be useful for debugging CFM problems in the future.
When you said something in an earlier commit about adding appctl commands to show CFM status in the future, I didn't realize that the future was coming so soon! This seems OK to me. There's one thing that has bothered me a bit since CFM was introduced: it seems that an attacker could use up arbitrary amounts of memory by sending packets with unexpected MPIDs in them. Would it be reasonable to limit the number of unexpected MPIDs to some small number (maybe just one)? Then we'd probably retain most of the debugging value but avoid memory exhaustion problems. It doesn't have to happen in this series but I think that we should consider it. _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
