On 15/02/07, Justin Robertson <[EMAIL PROTECTED]> wrote:
This is definitely worst-case, it's simulating a DDoS attack at the
network. What is really surprising is that just 1mbps of traffic is able
to kill a 6.x box doing routing. If it were, say, 600mbps that I'd
understand as you're pushing o
Sack was never enabled, the packets in the flood had sack set.
rtmaxcache was default, what made you think I had changed it? I was not
running SMP, as I explained.
More over suggestions to do ether.ipfw result in terrible performance,
etc. A 4.11 bridge and 4.11 router in series move all
Hi,
if you disable sack, what's happend?
(sysctl net.inet.tcp.sack.enable=0)
(Are Memory and cpu OK?)
For route problem you can set this to a low value, for example 10
sysctl net.inet.ip.rtexpire: 10
See
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/securing-freebsd.html
Why
This is definitely worst-case, it's simulating a DDoS attack at the
network. What is really surprising is that just 1mbps of traffic is able
to kill a 6.x box doing routing. If it were, say, 600mbps that I'd
understand as you're pushing over a million PPS. But 1mbps? :-\
Freddie Cash wrote
On Thursday 15 February 2007 01:29 pm, Justin Robertson wrote:
> Send a flood of 60 byte syn packets with the tcp sack option thru
> it and check out what happens. It's pretty weird and I can't explain
> why. If you block the packets on the box via ipfw it's fine, the second
> it has to make a
Send a flood of 60 byte syn packets with the tcp sack option thru it
and check out what happens. It's pretty weird and I can't explain why.
If you block the packets on the box via ipfw it's fine, the second it
has to make a routing decision everything goes out the window, it seems.
There's
On Thursday 15 February 2007 11:43 am, Justin Robertson wrote:
> Playing with these sysctl values made 0 difference - what's supposed
> to happen???
>
> Another scary discovery - if you've got 6.2 setup to route, even with
> static routes, 1Mbps of TCP SYN traffic will cause it to start droppin
Playing with these sysctl values made 0 difference - what's supposed
to happen???
Another scary discovery - if you've got 6.2 setup to route, even with
static routes, 1Mbps of TCP SYN traffic will cause it to start dropping
packets in every direction. Awesome. Methinks I'll be using 4.11 for
Clockrate is based off of my device_polling setup, which is configured
to 4000. burst_max has a hard limit, can't go higher than it already is
at 1000
Could I get an explanation as to what the queue and isr sysctl values
are actually doing? I'll be able to run some more basic tests tomorro
