death of the Internet predicted. Film at 11.

Adrian Chadd adrian at
Wed Aug 13 06:16:51 UTC 2014

On 12 August 2014 21:56, Craig Leres <leres at> wrote:
> I was impacted by this this morning. I had ssh and imaps sessions from
> my comcast address at home to a vps at and they all died
> overnight. But it was a very strange failure. icmp and udp still worked
> but tcp couldn't make the round trip. And this was true for several
> different cidr's has. But everything worked fine from
> other locations like from lbl.
> TCAM is pretty bizarre; I believe access lists use them and one time Bro
> installed too many and overran the TCAM. This was not straight forward
> to recover from (e.g. just removing a bunch of ACLs did not unfrob the
> router).

TCAM isn't bizarre. all the weird, complicated ways it is managed and
programmed is what's bizarre.

Some platforms may just decide "nope, overflowed, bye".

Some platforms may decide that the best thing to do is CPU punt, but
then you have to sort what you put into TCAM so when you CPU punt
you're not doing it incorrectly.  With that comes .. bugs.


More information about the freebsd-hackers mailing list