Date: Thu, 1 Mar 2007 11:23:00 +0000 From: Chris <chrcoluk@gmail.com> To: "Justin Robertson" <justin@sk1llz.net> Cc: freebsd-performance@freebsd.org Subject: Re: 6.x, 4.x ipfw/dummynet pf/altq - network performance issues Message-ID: <3aaaa3a0703010323x107b0857k93069a719c216df6@mail.gmail.com> In-Reply-To: <45D4E76F.7040807@sk1llz.net> References: <20070207120426.CDEFC16A407@hub.freebsd.org> <200702151211.45177.fcash@ocis.net> <45D4D0D1.5020902@sk1llz.net> <200702151357.22075.fcash@ocis.net> <45D4E76F.7040807@sk1llz.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 15/02/07, Justin Robertson <justin@sk1llz.net> wrote: > > This is definitely worst-case, it's simulating a DDoS attack at the > network. What is really surprising is that just 1mbps of traffic is able > to kill a 6.x box doing routing. If it were, say, 600mbps that I'd > understand as you're pushing over a million PPS. But 1mbps? :-\ > > > Freddie Cash wrote: > > On Thursday 15 February 2007 01:29 pm, Justin Robertson wrote: > > > >> Send a flood of 60 byte syn packets with the tcp sack option thru > >> it and check out what happens. It's pretty weird and I can't explain > >> why. If you block the packets on the box via ipfw it's fine, the second > >> it has to make a routing decision everything goes out the window, it > >> seems. There's 100% packet loss on all protocols. I'm not using NAT, > >> there are real IPs in different C classes on the other side of the box. > >> > > > > Is that something that would occur normally? Or is this a > > worst-case/stress-test trying to break things? How are you generating > > the packets? > > > > I'm not a network guru, and haven't done much in the way of > > network-related stress-testing, but I'm always looking for ways to do so. > > > > > > > -- > Justin > > > > _______________________________________________ > freebsd-performance@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-performance > To unsubscribe, send any mail to "freebsd-performance-unsubscribe@freebsd.org" > does disabling sacks harden agsint syn floods then? I agree 1mbps of syn is a weak flood. Chris
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3aaaa3a0703010323x107b0857k93069a719c216df6>