tcp failing to recover from a packet loss under 8.2-RELEASE?
Arnaud Lacombe
lacombar at gmail.com
Fri Aug 12 15:32:38 UTC 2011
Hi,
On Thu, Aug 11, 2011 at 9:54 AM, Slawa Olhovchenkov <slw at zxy.spb.ru> wrote:
> On Thu, Aug 11, 2011 at 11:33:37PM +1000, Lawrence Stewart wrote:
>
>> >>> Autotunig w/o limits is bad idea. This is way to DoS.
>> >>
>> >> Depends how it is implemented. With appropriate backpressure mechanisms
>> >> put in place, it could be perfectly safe. I envisage reassembly segments
>> >> being at the bottom of the heap in terms of importance, so if a machine
>> >> were to come under memory pressure, they would be the first thing to be
>> >> reclaimed. TCP would continue to operate if they got pulled out from
>> >> under the connection as the protocol doesn't consider segments held in
>> >> reassembly to have been delivered, so would recover via retransmission.
>> >
>> > Yes, TCP would continue to operate. But attacker don't allow to put
>> > system under memory pressure.
>>
>> Without a concrete patch to discuss, let's just agree to disagree for
>> the time being. FreeBSD does a fairly good job autoscaling and reacting
>> to pressure with the VM subsystem for example. I don't see why we
>> can't
>
> Yes, and VM system allow to set different memory limits for proccess (and now for jails).
>
>> become good at doing it with the netstack. Manual tuning sucks and can
>> be just as dangerous if you tune things up to get performance, which
>> opens you up to the same problems.
>
> Autoscaling with limits is good.
> Automatic computation of limits (from available resources) also is
> good (currently limits frequently to small for modern installation,
> but don't remember about embeded systems).
>
<off topic>
All the useless limitation BSD puts all over the place wrt. memory
management is a huge pain to deal with. nmbcluster, zone limitation
and friend are just useless. Just try to use NetGraph with a
consequent number of nodes and a high enough pps and the stuff with
will start dropping packet all over the place, even if the box has
Gigs of free memory.
<off topic/>
- Arnaud
More information about the freebsd-net
mailing list