> And we have done experiments with controlling interrupts and running
> the RX at "lower" priority. The idea is take RX-interrupt and immediately
> postponing the RX process to tasklet. The tasklet opens for new RX-ints.
> when its done.  This way dropping now occurs outside the box since and
> dropping becomes very undramatically.

<snip>

> A bit of explanation. Above is output from tulip driver. We are forwarding
> 44079 and we are dropping  49913 packets per second!  This box has
> full BGP. The DoS attack was going on for about 30 minutes BGP survived
> and the box was manageable. Under a heavy attack it still performs well.

Nice.  Any chance of similar functionality finding its' way outside the
Tulip driver, eg. to 3c509 or via-rhine?  I'd find those useful, since one
or two of my Macs appear to be capable of generating pseudo-DoS levels of
traffic under certain circumstances which totally lock a 486 (for the
duration) and heavily load a P166 - even though said Macs "only" have
10baseT Ethernet.

OTOH, proper management of the circumstances under which this flooding
occurs (it's an interaction bug which occurs when the Linux machine ends up
with a zero-sized TCP receive window) would also be rather helpful.

--------------------------------------------------------------
from:     Jonathan "Chromatix" Morton
mail:     [EMAIL PROTECTED]  (not for attachments)
big-mail: [EMAIL PROTECTED]
uni-mail: [EMAIL PROTECTED]

The key to knowledge is not to rely on people to teach you it.

Get VNC Server for Macintosh from http://www.chromatix.uklinux.net/vnc/

-----BEGIN GEEK CODE BLOCK-----
Version 3.12
GCS$/E/S dpu(!) s:- a20 C+++ UL++ P L+++ E W+ N- o? K? w--- O-- M++$ V? PS
PE- Y+ PGP++ t- 5- X- R !tv b++ DI+++ D G e+ h+ r++ y+(*)
-----END GEEK CODE BLOCK-----


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Reply via email to