From owner-freebsd-net  Fri Dec 21  7:42:32 2001
Delivered-To: freebsd-net@freebsd.org
Received: from sj-msg-core-1.cisco.com (sj-msg-core-1.cisco.com [171.71.163.11])
	by hub.freebsd.org (Postfix) with ESMTP id 9B90637B405
	for <net@freebsd.org>; Fri, 21 Dec 2001 07:42:30 -0800 (PST)
Received: from mira-sjc5-2.cisco.com (mira-sjc5-2.cisco.com [171.71.163.16])
	by sj-msg-core-1.cisco.com (8.11.3/8.9.1) with ESMTP id fBLFgUY19019
	for <net@freebsd.org>; Fri, 21 Dec 2001 07:42:30 -0800 (PST)
Received: from stewart.chicago.il.us (ssh-sj1.cisco.com [171.68.225.134])
	by mira-sjc5-2.cisco.com (Mirapoint)
	with ESMTP id AAP04834;
	Fri, 21 Dec 2001 07:42:29 -0800 (PST)
Message-ID: <3C235866.B063CC7B@stewart.chicago.il.us>
Date: Fri, 21 Dec 2001 09:42:30 -0600
From: Randall Stewart <randall@stewart.chicago.il.us>
X-Mailer: Mozilla 4.76 [en] (X11; U; Linux 2.2.12 i386)
X-Accept-Language: en
MIME-Version: 1.0
To: net@freebsd.org
Subject: m_reclaim and a protocol drain
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-net.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-net>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-net>
X-Loop: FreeBSD.org

Hi all:

I have a question. I have been working to test the new
sctp_drain function I am adding and have had a very difficult
time getting the drain function to be called by the mbuf system...

Now here is what I most observe from some of the test cases
I am building:

A) All inbound packets get a cluster down in the driver routine.
B) There is a much smaller limit to clusters
C) The cluster allocation routine will NOT call reclaim() et.al.
D) Of course since the lower drivers are allocating M_DONTWAIT
   even if they did I would not get the routine called.

Now this brings to light a weakness in my mind on the reclaim
system.

1) One of the primary things I thought the drain() functions 
   help with is to ward off DOS attacks.
2) If drivers all use clusters only and clusters can never
   call a drain() function, does this not leave both TCP and
   SCTP weak against an attack on the cluster side of the MBUF
   system?
3) I can see if we are out of mbufs eventually something sending
   down will do a mget(..) with a M_WAIT which can spawn the drains
   should we not have something like this for a cluster allocation??


If we don't it seems to me the utility of the drain() fucnction is
very very limited..

Regards

R

-- 
Randall R. Stewart
randall@stewart.chicago.il.us 815-342-5222 (cell phone)

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message