From: Juli Mallett
Date: Wed, 20 May 2009 14:38:16 -0700
To: Rick Macklem
Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org
Subject: Re: svn commit: r192463 - head/sys/fs/nfsserver
References: <200905201858.n4KIw7Fc040619@svn.freebsd.org>

On Wed, May 20, 2009 at 2:36 PM, Rick Macklem wrote:
> On Wed, 20 May 2009, Juli Mallett wrote:
>
>> When client ids have been run out of, does that put something into a
>> dangerous state (insecure or crash-prone)?  Isn't it better to let the
>> administrator make the decision of when to reboot the machine?
>>
> Well, first off, this will "never" happen in practice. The clientid
> generator is a 32bit unsigned, which means it will wrap around in 13.6
> years if there is an average rate of 10 new clientids/sec. Since a new
> clientid only typically happens once per mount (some clients might even
> do less), it seems highly unlikely that an "average rate of 10/sec"
> could happen even on the busiest server with clients doing short term
> mounts. (There was talk of a client inside a web browser, but I don't
> know that it has ever been written.)

What's to prevent using this as a DoS vector?  Is it really so hard to
exhaust the server of clientids, forcing a reboot / drop to debugger?

> When the 32bit # wraps around, rebooting would be the only solution,
> since re-issuing the same clientid is verboten by the RFC.
>
> If it was something I will see happen in my lifetime, I would be more
> concerned about it.
>
> The only reason I put it in is so no one can argue I can violate the RFC.