From owner-freebsd-net Thu Jul 6 20:45:24 2000 Delivered-To: freebsd-net@freebsd.org Received: from silby.com (cb34181-a.mdsn1.wi.home.com [24.14.173.39]) by hub.freebsd.org (Postfix) with SMTP id 7801837BBD6 for ; Thu, 6 Jul 2000 20:45:21 -0700 (PDT) (envelope-from silby@silby.com) Received: (qmail 44661 invoked by uid 1000); 7 Jul 2000 03:45:19 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 7 Jul 2000 03:45:19 -0000 Date: Thu, 6 Jul 2000 22:45:19 -0500 (CDT) From: Mike Silbersack To: jayanth Cc: net@FreeBSD.ORG Subject: Re: deleting cloned routes In-Reply-To: <20000706192402.A25086@yahoo-inc.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 6 Jul 2000, jayanth wrote: > One of the issues during a syn flood is that the routing table > fills up easily because of the cloned routes being generated. > > In Freebsd current, an incomplete connection is randomly dropped > when the listen queue overflows. This logic could be easily extended > by deleting the cloned route that is associated with the connection > being dropped , if there is no information cached for that route. > > Is this a reasonable fix ? > > jayanth Seems to make sense on the surface to me. But, I haven't ever looked at the route code, so I have one more question: Even with the routes deleted won't you still end up with a bloated, fragmented route table? (Granted, it'll cap the growth by a large amount, so it should still be a big win.) Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message