From owner-freebsd-net@FreeBSD.ORG Tue Jan 27 22:44:37 2015 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2D666812 for ; Tue, 27 Jan 2015 22:44:37 +0000 (UTC) Received: from mail-ob0-f180.google.com (mail-ob0-f180.google.com [209.85.214.180]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id E1D21828 for ; Tue, 27 Jan 2015 22:44:36 +0000 (UTC) Received: by mail-ob0-f180.google.com with SMTP id uz6so16202311obc.11 for ; Tue, 27 Jan 2015 14:44:30 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:content-type:mime-version:subject:from :in-reply-to:date:cc:message-id:references:to; bh=a0Qp1M6s/TtSn7aqI93hrt7EdDajGmEQpr0WZ3hZELo=; b=UaDoDg1tZHJH+60DoGReq1GwJPpI6oZjOxq7d4K5rztgypoTEN1td99dU1hgmP9W96 sNMaPBEqaz0elD4uxAoSlNQ1c1fIhUKjMUtN1QnBi923cgHQUGtVhVKfQdBTNaJG1GtS fR0CdCZOW0KRpKtTnQWMkHGsypczjgRfC15pKWzDCU6XgXJmpw4cRUJZyPegs8LWWWkr 4iiuW32LBxY3gKirCSwuVrC6Jbm/st4qAJGKY6SkIjqKCRXeq+fZ3TPOEZQ9TB9o4OvP m7kMWvb5UcTeyLq4Oaqjq5b69NfTcHEKTKGUW5jhdnVZsS8/eyQV+JUfQGyTSozPtCBV XT7g== X-Gm-Message-State: ALoCoQkKGgaIoZ3w99ViD/kJZX/9IK2yPak6sFODx4/U8uP1SXfc7s4VAw+UXDQ2W6dgTR3yxIR1 X-Received: by 10.182.191.6 with SMTP id gu6mr275095obc.36.1422398670482; Tue, 27 Jan 2015 14:44:30 -0800 (PST) Received: from ?IPv6:2610:160:11:33:956e:9562:4694:6bbf? ([2610:160:11:33:956e:9562:4694:6bbf]) by mx.google.com with ESMTPSA id mp3sm1344065obb.25.2015.01.27.14.44.29 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 27 Jan 2015 14:44:29 -0800 (PST) Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2070.1\)) Subject: Re: is polling still a thing? From: Jim Thompson In-Reply-To: Date: Tue, 27 Jan 2015 16:44:30 -0600 Message-Id: References: <871tmgceup.fsf@marcos.anarc.at> <87vbjsaxxy.fsf@marcos.anarc.at> To: =?utf-8?Q?Olivier_Cochard-Labb=C3=A9?= X-Mailer: Apple Mail (2.2070.1) Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.18-1 Cc: "freebsd-net@freebsd.org" , Michael Sierchio , =?utf-8?Q?Antoine_Beaupr=C3=A9?= X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Jan 2015 22:44:37 -0000 > On Jan 27, 2015, at 2:28 PM, Olivier Cochard-Labb=E9 = wrote: >=20 > On Tue, Jan 27, 2015 at 9:15 PM, Michael Sierchio > wrote: >=20 >=20 > On small, embedded computers running ipfw w/kernel nat and device = polling enabled (on em ether adapters), I observed the *reported* system = load grow very high. When disabling polling on the interfaces, it went = back to something normal. >=20 > My impression is that the consensus among the core developers = concerned with networking is that device polling is an ancient hack and = is deprecated. In the case of a DDoS attack, there may be many other = things to try - at the infrastructure level - traffic diversion = techniques like BGP flowspec, use anycast, etc. On the individual = server level, use stateful rules with GRED enabled, dropping most new = tcp or udp traffic based on load. >=20 >=20 >=20 > If I remember well, Luigi had a surprise regarding the advantage of = using polling inside a VM: > https://lists.freebsd.org/pipermail/freebsd-net/2013-May/035626.html = >=20 > But on real hardware, since the introduction of interrupt moderation = on NIC, polling is not more useful. The DPDK guys disagree.