Date: Sat, 10 Feb 2007 08:41:10 +0000 From: Geraint Edwards <gedge-lists@yadn.org> To: Justin Robertson <justin@sk1llz.net> Cc: freebsd-isp@freebsd.org Subject: Re: 6.x, 4.x ipfw/dummynet pf/altq - network performance issues Message-ID: <20070210084110.GN30460@cymru.serf.org> In-Reply-To: <45C7A713.2020201@sk1llz.net> References: <45C7A713.2020201@sk1llz.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Justin Robertson <justin@sk1llz.net> said (on Mon, Feb 05, 2007 at 01:52:19PM -0800): > 6.x; > Normal traffic isn't a problem. The second you get into the realm of > abusive traffic, such a DoS/DDoS (over 100mbps) UDP floods the machine > falls over. Little packets with ip lengths of 28-29 bytes seem to do the > most damage. I've tried playing with various sysctl values and have seen > no difference at all. By "falls over" I mean "stops sending all traffic > in any direction". Just a thought (may not be related) but did you see 'known problems' at http://www.uk.freebsd.org/releases/6.2R/errata.html ? -- Geraint A. Edwards (aka "Gedge")
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070210084110.GN30460>