Wow over 160 MILLION (yes I screamed that) IPs! How much RAM is in your system?
On Wed, Aug 12, 2020 at 10:26 AM infoomatic <infooma...@gmx.at> wrote:
>
> We have ~30,000 entries in our table <blocklist> blocking networks and
> single ip addresses, all in all at the moment exactly 169,471,974 hosts
> being blocked. No idea what your criteria is for "performance impact",
> but we have no issues.
>
>
> On 12.08.20 14:11, Alan McKay wrote:
> > Hey folks,
> >
> > This is one that is difficult to test in a test environment.
> >
> > I've got OpenBSD 6.5 on a relatively new pair of servers each with 8G RAM.
> >
> > With some scripting I'm looking at feeding block IPs to the firewalls
> > to block bad-guys in near real time, but in theory if we got attacked
> > by a bot net or something like that, it could result in a few thousand
> > IPs being blocked. Possibly even 10s of thousands.
> >
> > Are there any real-world data out there on how big of a block list we
> > can handle without impacting performance?
> >
> > We're doing the standard /etc/blacklist to load a table and then have
> > a block on the table right at the top of the ruleset.
> >
> > thanks,
> > -Alan
> >
>

--
"You should sit in nature for 20 minutes a day.
Unless you are busy, then you should sit for an hour"
- Zen Proverb
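The thread distinguishes table entries (~30,000) from hosts covered (169,471,974). The following is an added example, not code from anyone in the thread: a feed pre-processor that validates block entries, collapses duplicates and adjacent networks, and reports both numbers before the list is loaded into a pf table. The sample feed is constructed and uses documentation address ranges only; the function names are hypothetical.

```python
import ipaddress

# Constructed sample feed: single hosts, networks, duplicates and junk lines.
SAMPLE_FEED = """\
# constructed sample, documentation ranges only
192.0.2.10
192.0.2.11
192.0.2.0/25
192.0.2.128/25
198.51.100.7
198.51.100.7
203.0.113.0/24
2001:db8::/32
2001:db8:1::1
not-an-ip
203.0.113.300
"""

def parse_feed(text):
    """Return (networks, rejected) from one-entry-per-line text."""
    nets, rejected = [], []
    for raw in text.splitlines():
        entry = raw.split("#", 1)[0].strip()  # drop comments and blanks
        if not entry:
            continue
        try:
            # strict=False accepts a host address written with a prefix length
            nets.append(ipaddress.ip_network(entry, strict=False))
        except ValueError:
            rejected.append(entry)  # never pass unvalidated input to the firewall
    return nets, rejected

def collapse(nets):
    """Merge duplicates, contained entries and adjacent networks per family."""
    merged = []
    for version in (4, 6):  # collapse_addresses rejects mixed families
        family = [n for n in nets if n.version == version]
        merged.extend(ipaddress.collapse_addresses(family))
    return merged

def summarize(text):
    nets, rejected = parse_feed(text)
    merged = collapse(nets)
    return {
        "raw": len(nets),                  # valid lines in the feed
        "entries": len(merged),            # what the table would hold
        "ipv4_hosts": sum(n.num_addresses for n in merged if n.version == 4),
        "rejected": rejected,
        "table": [str(n) for n in merged],  # one entry per line for a table file
    }

if __name__ == "__main__":
    print(summarize(SAMPLE_FEED))
```

The `table` list can be written one entry per line to a file and loaded with `pfctl -t blocklist -T replace -f <file>`; the table name is the one mentioned in the thread, and the file path is left to the reader.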