Date: Mon, 15 Aug 2011 16:19:36 +0400 From: Slawa Olhovchenkov <slw@zxy.spb.ru> To: Arnaud Lacombe <lacombar@gmail.com> Cc: Lawrence Stewart <lstewart@freebsd.org>, Andre Oppermann <andre@freebsd.org>, Steven Hartland <killing@multiplay.co.uk>, freebsd-net@freebsd.org Subject: Re: tcp failing to recover from a packet loss under 8.2-RELEASE? Message-ID: <20110815121936.GY94016@zxy.spb.ru> In-Reply-To: <CACqU3MV9jJy5Q-7HC1315kQkr3%2BSp=YD%2BVqJEDaxoq5-nKK8tQ@mail.gmail.com> References: <4E37C0F2.4080004@freebsd.org> <2B063B6D95AA4C27B004C50D96393F91@multiplay.co.uk> <C706DEE346684B8DB06CFC090F556E72@multiplay.co.uk> <4E3AA66A.6060605@freebsd.org> <20110805065743.GC94016@zxy.spb.ru> <4E4330B5.5030100@freebsd.org> <20110811123102.GQ94016@zxy.spb.ru> <4E43DA31.7000605@freebsd.org> <20110811135454.GR94016@zxy.spb.ru> <CACqU3MV9jJy5Q-7HC1315kQkr3%2BSp=YD%2BVqJEDaxoq5-nKK8tQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Aug 12, 2011 at 11:32:36AM -0400, Arnaud Lacombe wrote: > Hi, > > On Thu, Aug 11, 2011 at 9:54 AM, Slawa Olhovchenkov <slw@zxy.spb.ru> wrote: > > On Thu, Aug 11, 2011 at 11:33:37PM +1000, Lawrence Stewart wrote: > > > >> >>> Autotunig w/o limits is bad idea. This is way to DoS. > >> >> > >> >> Depends how it is implemented. With appropriate backpressure mechanisms > >> >> put in place, it could be perfectly safe. I envisage reassembly segments > >> >> being at the bottom of the heap in terms of importance, so if a machine > >> >> were to come under memory pressure, they would be the first thing to be > >> >> reclaimed. TCP would continue to operate if they got pulled out from > >> >> under the connection as the protocol doesn't consider segments held in > >> >> reassembly to have been delivered, so would recover via retransmission. > >> > > >> > Yes, TCP would continue to operate. But attacker don't allow to put > >> > system under memory pressure. > >> > >> Without a concrete patch to discuss, let's just agree to disagree for > >> the time being. FreeBSD does a fairly good job autoscaling and reacting > >> to pressure with the VM subsystem for example. I don't see why we > >> can't > > > > Yes, and VM system allow to set different memory limits for proccess (and now for jails). > > > >> become good at doing it with the netstack. Manual tuning sucks and can > >> be just as dangerous if you tune things up to get performance, which > >> opens you up to the same problems. > > > > Autoscaling with limits is good. > > Automatic computation of limits (from available resources) also is > > good (currently limits frequently to small for modern installation, > > but don't remember about embeded systems). > > > <off topic> > All the useless limitation BSD puts all over the place wrt. memory > management is a huge pain to deal with. nmbcluster, zone limitation > and friend are just useless. Just try to use NetGraph with a > consequent number of nodes and a high enough pps and the stuff with > will start dropping packet all over the place, even if the box has > Gigs of free memory. This problem can be solved by tuning next values in /boot/loader.conf? # netgraph queue sizes tuning, see vmstat -z|egrep 'ITEM|NetGraph' net.graph.maxdata=65536 net.graph.maxalloc=65536 > <off topic/> > > - Arnaud
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20110815121936.GY94016>