From owner-freebsd-net Sat Aug 4 2: 0:38 2001 Delivered-To: freebsd-net@freebsd.org Received: from mailtoaster1.pipeline.ch (mailtoaster1.pipeline.ch [62.48.0.70]) by hub.freebsd.org (Postfix) with SMTP id 2763637B403 for ; Sat, 4 Aug 2001 02:00:35 -0700 (PDT) (envelope-from oppermann@telehouse.ch) Received: (qmail 68362 invoked from network); 4 Aug 2001 09:00:06 -0000 Received: from unknown (HELO telehouse.ch) ([62.48.21.234]) (envelope-sender ) by mailtoaster1.pipeline.ch (qmail-ldap-1.03) with SMTP for ; 4 Aug 2001 09:00:06 -0000 Message-ID: <3B6BB99C.ED16B804@telehouse.ch> Date: Sat, 04 Aug 2001 11:00:12 +0200 From: Andre Oppermann X-Mailer: Mozilla 4.76 [en] (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: JINMEI@telehouse.ch, Tatuya@telehouse.ch, /@telehouse.ch, "$B?\"@L@C#:H"@FreeBSD.ORG Cc: Poul-Henning Kamp , freebsd-hackers@FreeBSD.ORG, freebsd-net@FreeBSD.ORG Subject: Re: 303,000 routes in kernel References: <3B69CE3F.1BCCB280@telehouse.ch> <93100.996790166@critter> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org JINMEI Tatuya / $B?@L@C#:H(B wrote: > > >>>>> On Fri, 03 Aug 2001 00:09:26 +0200, > >>>>> Poul-Henning Kamp said: > > >> The problem I've got now is that for every packet I get the kernel is > >> making one host entry in the routing table. Because of the many UDP > >> DNS requests from all over the world I've got 303'000 (yes, three- > >> hundredthreethousand) entries in the kernel routing table which have > >> not expired yet. So I'm getting error messages like this now: > > > Hmm, I wasn't aware that we cloned routes for UDP packets, are you sure > > that is what is causing the routes to exists ? (Just to mention the > > obvious: it's not CodeRed probes ?) > > Since udp_output calls in_pcbconnect(), which is shared with TCP and > makes cloned host routes, unbound UDP socket can have such routes. > > However, I guess DNS server implementations do bind(2) specific > addresses to UDP sockets, because they have to ensure an query's > destination equals to a corresponding reply's source. So, I'd like to > see the result of > > % netstat -f inet -an | grep 53 Ok, here is the output: # netstat -f inet -an | grep 53 udp4 0 0 194.42.48.120.53 *.* > on the server node to see if the DNS server binds specific addresses. Yes, it does. > JINMEI, Tatuya > Communication Platform Lab. > Corporate R&D Center, Toshiba Corp. > jinmei@isl.rdc.toshiba.co.jp -- Andre To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message