Date: Mon, 27 Dec 1999 22:30:23 -0800 From: Mike Smith <msmith@freebsd.org> To: Kip Macy <kip@lyris.com> Cc: "Mr. K." <bsd@inbox.org>, stable@freebsd.org Subject: Re: panic Message-ID: <199912280630.WAA01257@mass.cdrom.com> In-Reply-To: Your message of "Mon, 27 Dec 1999 22:06:17 PST." <Pine.SOL.4.05.9912272203320.28737-100000@luna.lyris.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> > > > I was not root when this happened, so, basically, you're saying that > > freebsd is not meant for a production environment where untrusted users > > have telnet access? > > As far as I can tell, yes. Until default per user mbuf limitations or some > such thing is in place no amount of mbufs will prevent intentionally bad > code from downing the machine. My understanding is that this was not a > problem in 2.x. It's a fundamental problem with the BSD mbuf architecture. It's not something that as many people were seeing with 2.2 simply because people weren't pushing systems as hard back then. There's a conscious tradeoff between raw performance and tuning requirement in the BSD mbuf allocator. You can't add more buffering once the system has started, so you need to tune at kernel build or load time. The upside from this is that certain critical network buffer operations are extremely efficient. Work is underway (and in fact mostly complete) to reduce the fataility of mbuf starvation to the system, but the fact remains that correct tuning of the BSD kernel is and always has been critical to performance and robustness. -- \\ Give a man a fish, and you feed him for a day. \\ Mike Smith \\ Tell him he should learn how to fish himself, \\ msmith@freebsd.org \\ and he'll hate you for a lifetime. \\ msmith@cdrom.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199912280630.WAA01257>