Date: 07 Nov 2000 23:50:55 +0100
From: Dag-Erling Smorgrav <des@ofug.org>
To: Poul-Henning Kamp <phk@FreeBSD.ORG>
Cc: arch@FreeBSD.ORG
Subject: Re: Green/Yellow/Red state for the VM system.
Message-ID: <xzpwvefv1kg.fsf@flood.ping.uio.no>
In-Reply-To: Poul-Henning Kamp's message of "Tue, 07 Nov 2000 23:21:46 +0100"
References: <28041.973635706@critter>
Poul-Henning Kamp <phk@FreeBSD.ORG> writes:
> IP:
> Yellow:
> Expire cloned routes faster.
> Stop generating ICMP packets.
> Stop forwarding packets.
+ Stop passing packets to bpf (which IIRC needs to
duplicate them, which eats mbufs)
> Red:
> Expire all cloned routes now.
+ If running dummynet, drop everything that enters a
pipe as if that pipe was full.
> TCP:
> Yellow:
> Accept no new TCP connections.
> Reduce outgoing TCP windows.
> Drop all sessions which have not passed
> a packet in the last N seconds.
>
> Red:
> Drop all un-assembled fragments.
> Drop all "final-stages" TCP pcbs.
(i.e. CLOSING, FIN_WAIT_1, FIN_WAIT_2 or TIME_WAIT)
> Drop all sessions which have not passed
> a packet in the last M seconds. (M << N)
+ Drop connections that are in SYN_RECEIVED state
> Now, before anyone starts pointing indignant fingers in RFCs and
> other such moral high-ground, let me just make it perfectly clear
> that YELLOW isn't set until the system detects the risk of meltdown
> and RED is the meltdown.
Personally, if violating an RFC can keep my server from panicking when
attacked, then the RFC can go take a hike (as I think I've already
demonstrated with TCP_RESTRICT_RST and TCP_DROP_SYNFIN).
DES
--
Dag-Erling Smorgrav - des@ofug.org
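
The TCP part of the proposal above, written as a per-connection drop decision. This is an added sketch, not part of the original message and not FreeBSD code. The type names, the table layout, the values of IDLE_N and IDLE_M (the thread only says M << N), and the reading that Red also applies every Yellow measure are assumptions.

```c
#include <stdbool.h>
#include <stddef.h>

/* Pressure levels named in the thread. */
enum vm_state { VM_GREEN, VM_YELLOW, VM_RED };

/* Hypothetical subset of TCP states, enough for the listed rules. */
enum tcp_st { ST_SYN_RECEIVED, ST_ESTABLISHED, ST_FIN_WAIT_1,
              ST_FIN_WAIT_2, ST_CLOSING, ST_TIME_WAIT };

struct conn { enum tcp_st state; unsigned idle_secs; };

/* Assumed thresholds; the thread gives no numbers, only M << N. */
#define IDLE_N 600u
#define IDLE_M 30u

/* "final-stages" pcbs as enumerated in the reply. */
static bool final_stage(enum tcp_st s) {
    return s == ST_CLOSING || s == ST_FIN_WAIT_1 ||
           s == ST_FIN_WAIT_2 || s == ST_TIME_WAIT;
}

/* Yellow already refuses new connections; Red is assumed to as well. */
bool accept_new(enum vm_state vm) { return vm == VM_GREEN; }

/* Decide whether one connection is shed at the given pressure level. */
bool should_drop(enum vm_state vm, const struct conn *c) {
    if (vm == VM_GREEN)
        return false;
    if (c->idle_secs >= IDLE_N)          /* Yellow and Red: idle >= N */
        return true;
    if (vm == VM_RED) {
        if (final_stage(c->state))       /* closing-down pcbs */
            return true;
        if (c->state == ST_SYN_RECEIVED) /* half-open connections */
            return true;
        if (c->idle_secs >= IDLE_M)      /* Red: idle >= M */
            return true;
    }
    return false;
}

/* Compact the table in place; returns how many connections survive. */
size_t reap(enum vm_state vm, struct conn *tab, size_t n) {
    size_t kept = 0;
    for (size_t i = 0; i < n; i++)
        if (!should_drop(vm, &tab[i]))
            tab[kept++] = tab[i];
    return kept;
}
```
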
