Re: netif_rx packet dumping

netdev

Re: netif_rx packet dumping

To:	John Heffner <jheffner@xxxxxxx>
Subject:	Re: netif_rx packet dumping
From:	Lennert Buytenhek <buytenh@xxxxxxxxxxxxxx>
Date:	Fri, 4 Mar 2005 04:31:07 +0100
Cc:	Stephen Hemminger <shemminger@xxxxxxxx>, baruch@xxxxxxxxx, netdev@xxxxxxxxxxx
In-reply-to:	<Pine.LNX.4.58.0503032116020.28187@xxxxxxxxxxxxx>
References:	<20050303132143.7eef517c@xxxxxxxxxxxxxxxxx> <1109885065.1098.285.camel@xxxxxxxxxxxxxxxx> <20050303133237.5d64578f.davem@xxxxxxxxxxxxx> <20050303135416.0d6e7708@xxxxxxxxxxxxxxxxx> <Pine.LNX.4.58.0503031657300.22311@xxxxxxxxxxxxx> <1109888811.1092.352.camel@xxxxxxxxxxxxxxxx> <20050303151606.3587394f@xxxxxxxxxxxxxxxxx> <Pine.LNX.4.58.0503031818270.22311@xxxxxxxxxxxxx> <20050304014227.GB28874@xxxxxxxxxxxxxxxxx> <Pine.LNX.4.58.0503032116020.28187@xxxxxxxxxxxxx>
Sender:	netdev-bounce@xxxxxxxxxxx
User-agent:	Mutt/1.4.1i

On Thu, Mar 03, 2005 at 10:10:55PM -0500, John Heffner wrote:

> The forwarding case where you actually need congestion control, as
> opposed to absorbing bursts, is pretty gross.  If you have a router
> (more likely firewall) whose bottleneck is the CPU, then you're
> operating entirely in you input queue.  Yuck.

Yes.  This does happen under DoS (or just if your hardware is plain
underspec'ed), and even though you can't really avoid interrupt
livelock and starving userland processes when you're using a non-NAPI
driver (which is what we're talking about here), you don't want to go
OOM as well.

Removing the backlog is a problem also for the non-forwarding case --
you don't want someone to be able to OOM your server just by flooding
it with enough packets.  ("Wait, I can't drop those, those might be
legitimate ACKs!")

--L

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: netif_rx packet dumping, (continued) Re: netif_rx packet dumping, Baruch Even Re: netif_rx packet dumping, jamal Re: netif_rx packet dumping, Baruch Even Re: netif_rx packet dumping, jamal Re: netif_rx packet dumping, Baruch Even Re: netif_rx packet dumping, jamal Re: netif_rx packet dumping, cliff white Re: netif_rx packet dumping, John Heffner Re: netif_rx packet dumping, Lennert Buytenhek Re: netif_rx packet dumping, John Heffner Re: netif_rx packet dumping, Lennert Buytenhek <= Re: netif_rx packet dumping, Edgar E Iglesias Re: netif_rx packet dumping, Stephen Hemminger Re: netif_rx packet dumping, Edgar E Iglesias Re: netif_rx packet dumping, Jason Lunz Re: netif_rx packet dumping, jamal Re: netif_rx packet dumping, Baruch Even Re: netif_rx packet dumping, David S. Miller Re: netif_rx packet dumping, Baruch Even Re: netif_rx packet dumping, Andi Kleen Re: netif_rx packet dumping, David S. Miller

Previous by Date:	Re: [PATCH 2/2] [NEIGH]: Provide number of probes to userspace, YOSHIFUJI Hideaki / 吉藤英明
Next by Date:	Re: netif_rx packet dumping, jamal
Previous by Thread:	Re: netif_rx packet dumping, John Heffner
Next by Thread:	Re: netif_rx packet dumping, Edgar E Iglesias
Indexes:	[Date] [Thread] [Top] [All Lists]