Re: 5.x concerns
From: Robert Watson (rwatson_at_FreeBSD.org)
Date: 02/13/05
- Previous message: Robin Schoonover: "Re: Save the Demon!"
- In reply to: Scott Long: "Re: 5.x concerns"
- Next in thread: Kris Kennaway: "Re: 5.x concerns"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Sun, 13 Feb 2005 20:49:16 +0000 (GMT) To: Scott Long <scottl@freebsd.org>
On Sun, 6 Feb 2005, Scott Long wrote:
> > 3 - robustness, 5.3 seems to not handle ddos attacks so well, I
> > remember on a 4.x machine I could easily take a full 100mbit udp flood
> > and have the server respond albeit maybe with some lag but it stayed
> > functional, 5.x seems to crumble under a lot less pressure on the same
> > machine. This could be with pf been loaded on top of ipfw adding
> > extra overhead I dont know.
>
> This probably would add quite a bit of overhead. The ipfw package is
> not locked, so dealing with that adds even more overhead, unfortunately.
Actualy, just to set the record straight on this technically -- ipfw is
locked, albeit using a variation on the sx lock theme. ipfw will run
without Giant as long as the rest of the stack is running without Giant.
Robert N M Watson
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"
- Previous message: Robin Schoonover: "Re: Save the Demon!"
- In reply to: Scott Long: "Re: 5.x concerns"
- Next in thread: Kris Kennaway: "Re: 5.x concerns"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
