Dag-Erling Smørgrav wrote:
First of all, you need to realize that GoBSD is a DragonFly advocacy
site. That doesn't necessarily make it a bad site, but it does mean
it's biased.
I'm only going to respond to the opinion section of the post, not the
technical patch.
"The successor of the very stab
Just a guess, but I think you've bumped nmbclusters or nmbufs up
too much (or perhaps maxsockets, maxfds, ...) and have run out of
KVA.
You can tune clusters & mbufs in loader.conf without recompiling
kernel. You will want to see what vm.zone_kmem_pages, vm.zone_kmem_kvaspace
are showing you, vmsta
As a part of tracking down a performance issue, I tried building a
custom kernel (with just IPFW, DUMMYNET added, NMBCLUSTERS, commenting
out MATH_EMULATE, INET6, I386, I486). The system is currently running a
kernel from a similar machine with the same settings. The machine does
run on this k
You could use ipfw to limit the damage of a syn flood, e.g.
a keep-state rule with a limit of ~2-5 per source IP, lower the
timeouts, increase the hash buckets in ipfw, etc. This would
use a mask on src-ip of all bits.
something like:
allow tcp from any to any setup limit src-addr 2
this would only
Don Bowman wrote:
It was kindly pointed out that I didn't include the symptoms of the
problem:
Without polling on, I get 70+% interrupt load, and I get live lock.
With polling on, I start getting huge amounts of input errors, packet
loss, and general unresponsiveness to the network. The we
And this was picked up in the messages log:
/kernel: stray irq 7
last message repeated 2 times
/kernel: too many stray irq 7's; not logging any more
DJ
Don Bowman wrote:
I have a machine running 4.9. P4 2.8Ghz, 800mhz bus, Intel PRO/1000
ethernet connected to a Cisco, both sides are locked to
Don Bowman wrote:
I have a machine running 4.9. P4 2.8Ghz, 800mhz bus, Intel PRO/1000
ethernet connected to a Cisco, both sides are locked to 1000/FD.
The kernel has HZ=1000, and DEVICE_POLLING, IPFW, DUMMYNET,
etc. After
only a few minutes of run time under an attack ~90,000 pps.
The atta
on it
doesn't respond though it occasionally will open the connection, just
not respond. accept_filter on/off makes no difference. I have read other
posts that say em systems can more >200kpps without serious incident.
Thanks in advance,
DJ
Deepak Jain wrote:
I have a machine running 4.
I have a machine running 4.9. P4 2.8Ghz, 800mhz bus, Intel PRO/1000
ethernet connected to a Cisco, both sides are locked to 1000/FD.
The kernel has HZ=1000, and DEVICE_POLLING, IPFW, DUMMYNET, etc. After
only a few minutes of run time under an attack ~90,000 pps. The attack
has been limited at
d to worry about to undertake
such a project?
Thanks,
Deepak Jain
AiNET
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
slow for most purposes.
Yeah, we thought about using a sniffer in front of a box to accomplish the
same task to overcome the performance issue, but a more direct way would
really be suitable to our application.
Thanks!
Deepak Jain
AiNET
instead of showing send/rec
queues it shows retransmit or packet drops? Would there be much interest in
this feature if we were to build it ourselves?
Thanks in advance,
Deepak Jain
AiNET
Try increasing your maxsockbuf:
kern.ipc.maxsockbuf: 262144
is the default setting, try:
sysctl -w kern.ipc.maxsockbuf=384000 [or higher, depending on your RAM and
your network usage]
There are a bunch of other network buffers you might want to tune as I am
sure others will mention.
Deepak
kit once it is running?
Scenario:
System is violated,
Root kit is installed,
Root kit [binaries] are deleted from the machine.
Solution:
Reboot machine
How does one DETECT that the root kit is there in the first place to know to
reboot it?
Thanks,
Deepak Jain
AiNET
-time] will show the
attack characteristics [ip ranges, packet types, general number of packets,
etc].?
Thanks,
Deepak Jain
AiNET
s and
memory path would have trouble forwarding at least 2Gb/s.
Am I missing something?
Deepak Jain
AiNET
ICMP packets destined for the router from now on or remove
one of the interfaces.
Thanks,
Deepak Jain
AiNET
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Terry Lambert
Sent: Friday, August 31, 2001 3:53 PM
To: [EMAIL PROTECTED]
Cc: freebsd-hackers@FreeBSD
-Original Message-
From: Deepak Jain [mailto:[EMAIL PROTECTED]]
Sent: Monday, August 27, 2001 7:04 PM
To: FreeBSD-Questions; freebsd-isp@FreeBSD. ORG
Subject: Interesting Router Question
We've got a customer running a FreeBSD router with 2 x 1GE interfaces [ti0
and ti1]. At no
Yes, it's only happening on this one chassis so far. We'll try replacing the
memory and see what happens.
Thanks!
Deepak Jain
AiNET
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Assar Westerlund
Sent: Friday, June 08, 2001 9:07 AM
To: [
e for quite a while. The panic: malloc: lost data implies to me that
something is misbehaving with its memory allocations.
Is this a hardware issue or an application problem? The kernel is 4.1
RELEASE. The RAM is ECC.
Any assistance would be appreciated!
Thanks,
Deepak Jain
AiNET
Jun 5 01:02:56