[...] > I don't believe that mbuf fragments have any relationship to IP > fragmentation. > > And while you mention it, the IP fragmentation handling code is another > place where we need to add mbuf merging/chaining. > > I've been thinking about this, actually. How many IP fragments will a > packet ever truly have? If you assume a 1500 byte ethernet packet broken > into 200 byte chunks, that's < 8. If you break a jumbo frame into 1500 > byte packets, that's < 7. Can there be any normal use of fragmentation > that would produce more than 10 or so fragments? Also, will overlapping > fragments really ever be seen, or can we just assume that's a sign of > abuse? > > Sorry for the sudden change of direction for this thread, I've been > pondering how to improve our resistance to mbuf exhaustion through ip > frags.
There is net.inet.ip.maxfragpackets but IMHO net.inet.ip.maxfragperpacket will be useful too. -- Maxim Konovalov, MAcomnet, Internet Dept., system engineer phone: +7 (095) 796-9079, mailto:[EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message