> I have a machine running 4.9. P4 2.8GHz, 800MHz bus, Intel PRO/1000
> ethernet connected to a Cisco, both sides are locked to 1000/FD.
>
> The kernel has HZ=1000, and DEVICE_POLLING, IPFW, DUMMYNET, etc. After
> only a few minutes of run time under an attack ~90,000 pps. The attack
> has been limited at the router to JUST incoming TCP port 80 inbound
> traffic. I don't know why the machine is having such a hard time under
> the load. The cpu shows it is >90% idle even under the worst of the
> attack. What am I doing wrong?

I think there's a problem with CPU time not getting properly accounted for in device polling, so it may be busier than you think.

For this scenario, I would set net.inet.tcp.blackhole=2. You might be spending a lot of time creating the ICMP unreachable messages, rather than in the network driver (where device polling would help).

--don
_______________________________________________
freebsd-hackers mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers