Date:      Tue, 12 Aug 2014 23:16:50 -0700
From:      Adrian Chadd <adrian@freebsd.org>
To:        Craig Leres <leres@ee.lbl.gov>
Cc:        "freebsd-hackers@freebsd.org" <hackers@freebsd.org>
Subject:   Re: death of the Internet predicted. Film at 11.
Message-ID:  <CAJ-VmomUW0SG6pPjDUVf%2Bg38AEQpBZS9ykgrA4Hj5bGV4VoHNw@mail.gmail.com>
In-Reply-To: <53EAF018.4020604@ee.lbl.gov>
References:  <CA7C5596-C06A-426A-8087-57E040E08E4E@netgate.com> <53EAF018.4020604@ee.lbl.gov>

On 12 August 2014 21:56, Craig Leres <leres@ee.lbl.gov> wrote:
> I was impacted by this this morning. I had ssh and imaps sessions from
> my comcast address at home to a vps at arpnetworks.com and they all died
> overnight. But it was a very strange failure. icmp and udp still worked
> but tcp couldn't make the round trip. And this was true for several
> different cidr's arpnetworks.com has. But everything worked fine from
> other locations like from lbl.
>
> TCAM is pretty bizarre; I believe access lists use them and one time Bro
> installed too many and overran the TCAM. This was not straightforward
> to recover from (e.g. just removing a bunch of ACLs did not unfrob the
> router).

TCAM isn't bizarre. All the weird, complicated ways it is managed and
programmed are what's bizarre.

Some platforms may just decide "nope, overflowed, bye".

Some platforms may decide that the best thing to do is CPU punt, but
then you have to sort what you put into TCAM so when you CPU punt
you're not doing it incorrectly.  With that comes .. bugs.



-a


