netdev
[Top] [All Lists]

Re: [BUG] overflow in net/ipv4/route.c rt_check_expire()

To: Robert Olsson <Robert.Olsson@xxxxxxxxxxx>
Subject: Re: [BUG] overflow in net/ipv4/route.c rt_check_expire()
From: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Date: Sun, 3 Apr 2005 05:32:24 +1000
Cc: Eric Dumazet <dada1@xxxxxxxxxxxxx>, davem@xxxxxxxxxxxxx, netdev@xxxxxxxxxxx
In-reply-to: <16974.41648.568927.54429@robur.slu.se>
References: <E1DHdsP-0003Lr-00@gondolin.me.apana.org.au> <424E641A.1020609@cosmosbay.com> <16974.41648.568927.54429@robur.slu.se>
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: Mutt/1.5.6+20040907i
On Sat, Apr 02, 2005 at 03:48:32PM +0200, Robert Olsson wrote:
>  
>  > Crashes usually occurs when secret_interval interval is elapsed : 
> rt_cache_flush(0); is called, and the whole machine begins to die.
> 
>  A good idea to increase the secret_interval interval but it should survive.

Incidentally we should change the way the rehashing is triggered.
Instead of doing it regularly, we can do it when we notice that a
specific hash chain grows beyond a certain size.

The idea is that if someone is attacking our hash then they can
only do so by lengthening the chains.  If they're not doing that
then even if they knew how to attack us we don't really care.

Of course when it does happen it'll still kill your machine unless
we can find a way to amortise this.

Cheers,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

<Prev in Thread] Current Thread [Next in Thread>