From owner-freebsd-stable Mon Dec 27 22:25:50 1999 Delivered-To: freebsd-stable@freebsd.org Received: from mass.cdrom.com (castles542.castles.com [208.214.165.106]) by hub.freebsd.org (Postfix) with ESMTP id 00B9D14DD8 for ; Mon, 27 Dec 1999 22:25:48 -0800 (PST) (envelope-from msmith@mass.cdrom.com) Received: from mass.cdrom.com (localhost [127.0.0.1]) by mass.cdrom.com (8.9.3/8.9.3) with ESMTP id WAA01257; Mon, 27 Dec 1999 22:30:23 -0800 (PST) (envelope-from msmith@mass.cdrom.com) Message-Id: <199912280630.WAA01257@mass.cdrom.com> X-Mailer: exmh version 2.1.1 10/15/1999 To: Kip Macy Cc: "Mr. K." , stable@freebsd.org Subject: Re: panic In-reply-to: Your message of "Mon, 27 Dec 1999 22:06:17 PST." Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Mon, 27 Dec 1999 22:30:23 -0800 From: Mike Smith Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > > > > I was not root when this happened, so, basically, you're saying that > > freebsd is not meant for a production environment where untrusted users > > have telnet access? > > As far as I can tell, yes. Until default per user mbuf limitations or some > such thing is in place no amount of mbufs will prevent intentionally bad > code from downing the machine. My understanding is that this was not a > problem in 2.x. It's a fundamental problem with the BSD mbuf architecture. It's not something that as many people were seeing with 2.2 simply because people weren't pushing systems as hard back then. There's a conscious tradeoff between raw performance and tuning requirement in the BSD mbuf allocator. You can't add more buffering once the system has started, so you need to tune at kernel build or load time. The upside from this is that certain critical network buffer operations are extremely efficient. Work is underway (and in fact mostly complete) to reduce the fataility of mbuf starvation to the system, but the fact remains that correct tuning of the BSD kernel is and always has been critical to performance and robustness. -- \\ Give a man a fish, and you feed him for a day. \\ Mike Smith \\ Tell him he should learn how to fish himself, \\ msmith@freebsd.org \\ and he'll hate you for a lifetime. \\ msmith@cdrom.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message