On Thu, Apr 14, 2016 at 01:52:31PM +0000, Majid Taleqani wrote: > i am writing a DDOS mitigation for openflow networks using pox > controller and open vSwitch version 1.9. as DDOS attacks aim at > Flooding flow tables and input buffers, i wonder what is the maximum > capacity of each switch port input buffer.
OVS ports themselves don't have buffers, so this is a question of your NIC driver's buffering strategy. > i know after the switch input buffer overflows then the switch sends > the whole packet to the controller No, that's wrong. Buffer overflow has nothing to do with sending packets to the controller. > and then the controller responses by sending packet out message which > contains the whole packet and also the action. i want to know how > much data and at what rate should a host send data to overflow a > switch port input buffer and if is it possible to change the switch > port input buffers? is it possible to change the amount of time that a > packet stays in buffer before timeouts? thanks _______________________________________________ discuss mailing list discuss@openvswitch.org http://openvswitch.org/mailman/listinfo/discuss
