From owner-freebsd-net@FreeBSD.ORG Fri Aug 12 15:32:38 2011 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2BE96106566C for ; Fri, 12 Aug 2011 15:32:38 +0000 (UTC) (envelope-from lacombar@gmail.com) Received: from mail-yi0-f54.google.com (mail-yi0-f54.google.com [209.85.218.54]) by mx1.freebsd.org (Postfix) with ESMTP id DC4B58FC18 for ; Fri, 12 Aug 2011 15:32:37 +0000 (UTC) Received: by yib19 with SMTP id 19so2402011yib.13 for ; Fri, 12 Aug 2011 08:32:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=LTl3+NGdj9ij3FBGwHmAjj3cY50q16v36srvlm2Kxds=; b=QGXrpsh5hAznodwMagChvsEm004CBJ8NNmyiVVTimnGnUrULYv8WsldKaZLH11M89p rYPxbqRK+86eJS4pK/XETHPH4mhGtjwV21Ic2+tENc9g+Pevfeng7GrF9p/iAeRmvHq4 H8tYd5c7Ld6oPEeF6ZLMvBH9BFN5RyA9G0kEQ= MIME-Version: 1.0 Received: by 10.142.174.21 with SMTP id w21mr248211wfe.162.1313163156650; Fri, 12 Aug 2011 08:32:36 -0700 (PDT) Received: by 10.68.60.101 with HTTP; Fri, 12 Aug 2011 08:32:36 -0700 (PDT) In-Reply-To: <20110811135454.GR94016@zxy.spb.ru> References: <1F95A4C2D54E4F369830143CBDB5FF86@multiplay.co.uk> <4E37C0F2.4080004@freebsd.org> <2B063B6D95AA4C27B004C50D96393F91@multiplay.co.uk> <4E3AA66A.6060605@freebsd.org> <20110805065743.GC94016@zxy.spb.ru> <4E4330B5.5030100@freebsd.org> <20110811123102.GQ94016@zxy.spb.ru> <4E43DA31.7000605@freebsd.org> <20110811135454.GR94016@zxy.spb.ru> Date: Fri, 12 Aug 2011 11:32:36 -0400 Message-ID: From: Arnaud Lacombe To: Slawa Olhovchenkov Content-Type: text/plain; charset=ISO-8859-1 Cc: Lawrence Stewart , Andre Oppermann , Steven Hartland , freebsd-net@freebsd.org Subject: Re: tcp failing to recover from a packet loss under 8.2-RELEASE? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Aug 2011 15:32:38 -0000 Hi, On Thu, Aug 11, 2011 at 9:54 AM, Slawa Olhovchenkov wrote: > On Thu, Aug 11, 2011 at 11:33:37PM +1000, Lawrence Stewart wrote: > >> >>> Autotunig w/o limits is bad idea. This is way to DoS. >> >> >> >> Depends how it is implemented. With appropriate backpressure mechanisms >> >> put in place, it could be perfectly safe. I envisage reassembly segments >> >> being at the bottom of the heap in terms of importance, so if a machine >> >> were to come under memory pressure, they would be the first thing to be >> >> reclaimed. TCP would continue to operate if they got pulled out from >> >> under the connection as the protocol doesn't consider segments held in >> >> reassembly to have been delivered, so would recover via retransmission. >> > >> > Yes, TCP would continue to operate. But attacker don't allow to put >> > system under memory pressure. >> >> Without a concrete patch to discuss, let's just agree to disagree for >> the time being. FreeBSD does a fairly good job autoscaling and reacting >> to pressure with the VM subsystem for example. I don't see why we >> can't > > Yes, and VM system allow to set different memory limits for proccess (and now for jails). > >> become good at doing it with the netstack. Manual tuning sucks and can >> be just as dangerous if you tune things up to get performance, which >> opens you up to the same problems. > > Autoscaling with limits is good. > Automatic computation of limits (from available resources) also is > good (currently limits frequently to small for modern installation, > but don't remember about embeded systems). > All the useless limitation BSD puts all over the place wrt. memory management is a huge pain to deal with. nmbcluster, zone limitation and friend are just useless. Just try to use NetGraph with a consequent number of nodes and a high enough pps and the stuff with will start dropping packet all over the place, even if the box has Gigs of free memory. - Arnaud