On 2015-01-27 13:57:20, wishmaster wrote:
> Have you consider to use netmap-based ipfw instead pf in DDoS mitigation? I
> think you should. And without any network ''haks'' like polling.
My understanding of netmap was that it wasn't useful for packet
forwarding, because its design is for transmitting packets directly to
userland faster, whereas routers dataflow stay mostly in the router...
I'm hesitant in switching back to ipfw, considering how nice the
featureset and syntax of pf is. But if that's what's needed to restore
sanity...
a.
--
Celui qui sait jouir du peu qu'il a est toujours assez riche.
- Démocrite
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
