From owner-freebsd-current Tue Sep 28 5:34:59 1999 Delivered-To: freebsd-current@freebsd.org Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.40.131]) by hub.freebsd.org (Postfix) with ESMTP id 24DB1151B9 for ; Tue, 28 Sep 1999 05:34:56 -0700 (PDT) (envelope-from phk@critter.freebsd.dk) Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.9.3/8.9.2) with ESMTP id OAA25866; Tue, 28 Sep 1999 14:34:12 +0200 (CEST) (envelope-from phk@critter.freebsd.dk) To: Ville-Pertti Keinonen Cc: current@FreeBSD.ORG, culverk@culverk.student.umd.edu Subject: Re: just found this In-reply-to: Your message of "28 Sep 1999 12:29:17 -0000." <19990928122917.16937.qmail@ns.oeno.com> Date: Tue, 28 Sep 1999 14:34:12 +0200 Message-ID: <25864.938522052@critter.freebsd.dk> From: Poul-Henning Kamp Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message <19990928122917.16937.qmail@ns.oeno.com>, Ville-Pertti Keinonen writ es: >> The easiest way to detect this DOS is probably to keep track of the >> >> namecache entries >> ----------------- >> live vnodes >> >> ratio, and enforce an upper limit on it. > >That seems like a reasonable approach. > >If you want to include the other attack I mentioned (I just tried it, >got up to > 160000 vnodes), then you have to exclude vnodes that are >only live because of v_cache_src entries from the count. It should probably only count vnodes in "actual" use. >BTW: You still haven't committed the v_id patch I sent you in May. Is >there any specific reason for this? I seem to remember we stalled on some detail which wouldn't or couldn't work was it NFS ? -- Poul-Henning Kamp FreeBSD coreteam member phk@FreeBSD.ORG "Real hackers run -current on their laptop." FreeBSD -- It will take a long time before progress goes too far! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message