Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 19 Jun 2025 12:40:59 +0000
From:      bugzilla-noreply@freebsd.org
To:        net@FreeBSD.org
Subject:   [Bug 287229] IP reassembly issue in FreeBSD 14.1
Message-ID:  <bug-287229-7501-Xa6dsX86ow@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-287229-7501@https.bugs.freebsd.org/bugzilla/>
References:  <bug-287229-7501@https.bugs.freebsd.org/bugzilla/>

next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D287229

--- Comment #18 from Michael Tuexen <tuexen@freebsd.org> ---
(In reply to Lucas Aubard from comment #15)
The maxfragbucketsize is computed (in your cases) as follows:
* We start with the kernel memory size, which you can observe via the
  sysctl variable vm.kmem_size.
  This is either set in /boot/loader.conf or it is a bit less then the
  memory of the machine.
* The maximum memory used for mbufs maxmbufmem is computed as half
  of the kernel memory.
* The maximum number of mbuf clusters is computed as
  nmbclusters =3D maxmbufmem / MCLBYTES / 4
  where MCLBYTES is 2048.
* The maximum number of fragments maxfrags is
  maxfrags =3D nmbclusters / 32.
* The maximum number of fragments per queue is
  maxfragbucketsize =3D imax(maxfrags / (V_ipq_hashsize / 2), 1)
  where V_ipq_hashsize is 1024 when not changed in /boot/loader.conf


kmem_size maxmbufmem nmbclusters maxfrags maxfragbucketsize
   200 MB     100 MB       12800      400                 1
   500 MB     250 MB       32000     1000                 1
  1000 MB     500 MB       64000     2000                 3
  2000 MB    1000 MB      128000     4000                 7

This explains the parameters you are observing. I was guessing the kmem_siz=
e,
so it might be a bit smaller or larger but it gives you an approximation of
maxfrags and the values you observed for maxfragbucketsize.

Please note that any host should avoid IP fragmentation. So, in my view, yo=
ur
tool tests the behavior under attack. We could increase maxfragbucketsize, =
but
then you could increase the number of threads you are using from 40 to 400.
Then you will hit the maxfrags limit.
Could you explain what attack you have in mind? Why are you testing with 40
packets in parallel and not with more or less?

--=20
You are receiving this mail because:
You are on the CC list for the bug.=



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-287229-7501-Xa6dsX86ow>