From owner-freebsd-net@FreeBSD.ORG  Tue Jan 27 22:09:01 2015
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id C7D6CC56
 for <freebsd-net@freebsd.org>; Tue, 27 Jan 2015 22:09:01 +0000 (UTC)
Received: from marcos.anarc.at (mail.orangeseeds.org [72.0.72.144])
 by mx1.freebsd.org (Postfix) with ESMTP id 727F91BC
 for <freebsd-net@freebsd.org>; Tue, 27 Jan 2015 22:08:59 +0000 (UTC)
Received: by marcos.anarc.at (Postfix, from userid 1000)
 id 23F9B1A006C; Tue, 27 Jan 2015 17:08:27 -0500 (EST)
From: Antoine =?utf-8?Q?Beaupr=C3=A9?= <anarcat@koumbit.org>
To: wishmaster <artemrts@ukr.net>
Subject: Re: is polling still a thing?
In-Reply-To: <1422384769.867067950.y2iiuu53@frv34.fwdcdn.com>
References: <871tmgceup.fsf@marcos.anarc.at>
 <1422384769.867067950.y2iiuu53@frv34.fwdcdn.com>
User-Agent: Notmuch/0.18.2 (http://notmuchmail.org) Emacs/24.4.1
 (x86_64-pc-linux-gnu)
Date: Tue, 27 Jan 2015 17:08:27 -0500
Message-ID: <87pp9zc1wk.fsf@marcos.anarc.at>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Cc: freebsd-net@freebsd.org
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Jan 2015 22:09:01 -0000

On 2015-01-27 13:57:20, wishmaster wrote:
> Have you consider to use netmap-based ipfw instead pf in DDoS mitigation?=
 I think you should. And without any network ''haks'' like polling.

My understanding of netmap was that it wasn't useful for packet
forwarding, because its design is for transmitting packets directly to
userland faster, whereas routers dataflow stay mostly in the router...

I'm hesitant in switching back to ipfw, considering how nice the
featureset and syntax of pf is. But if that's what's needed to restore
sanity...

a.

--=20
Celui qui sait jouir du peu qu'il a est toujours assez riche.
                         - D=C3=A9mocrite