Date: Mon, 20 Sep 1999 11:47:54 -0700 (PDT) From: Kip Macy <kip@lyris.com> To: Dag-Erling Smorgrav <des@flood.ping.uio.no> Cc: Joao Carlos <jcarlos@bahianet.com.br>, stable@FreeBSD.ORG, questions@FreeBSD.ORG, security@FreeBSD.ORG, hitech@bahianet.com.br Subject: Re: Out of mbuf clusters Message-ID: <Pine.SOL.4.05.9909201137450.25063-100000@luna> In-Reply-To: <xzpso49r4hl.fsf@flood.ping.uio.no>
next in thread | previous in thread | raw e-mail | index | archive | help
Here is where your philosophy diverges from many others -- I and I believe many others think that a server operating system should at least be robust out of the box. Neither Linux nor Solaris is vulnerable to running out of mbufs as a result of malicious code. I don't think FreeBSD should be either. This is in no way a rant against FreeBSD, but rather a rant against the attitude that one needs to know about OS internals to run a lightweight server. If all of core insisted that Joe User had to know about internals to use FreeBSD as a server, FreeBSD would be little more than a hobbyist OS, rather than what it is -- the best OS currently available. -Kip On 20 Sep 1999, Dag-Erling Smorgrav wrote: > "Joao Carlos" <jcarlos@bahianet.com.br> writes: > > I'm running FreeBSD 3.3-STABLE, and compiled a kernel with 64 maxusers. It > > gives me somethink like 1048 processes. I don't know if it's a bug, or > > whatever, but i got crazy when i tested a program called CLONE on a IRC > > Server running i this machine. > > Before arriving 1024 connections on te IRCD, (NOTE: nothing more like httpd, > > squid, etc were running), The machine crashed, with the following message: > > I'll bet your CLONE thingy wasn't properly written, and doesn't > actually consume the data sent by the server, causing the server to > fill up mbufs. Currently, FreeBSD panics when it runs out of mbufs. > > 1) use ircd connection classes to prevent clients from opening more > than a small number of connections, and to limit the size of the > send queue. If you don't know what that means, don't run an IRC > server. > > 2) increase the number of mbuf clusters. If you don't know how to do > this, don't run an IRC server. > > 3) set up a heavy firewall in front of your server (preferably on > your border router) which protects your server from SYN floods, > UDP floods, smurfing fingerprinting, etc. If you don't know how to > do this, don't run an IRC server. > > 4) harden your TCP/IP stack to withstand SYN floods, UDP floods, > smurfing, fingerprinting, etc. Run a recent 4.0, or 3.3-R with my > hardening patches, and understand what those patches do and how to > use them. If you don't know how to do this, don't run an IRC > server. > > 5) lock your machine down tight, including disabling all services > except ircd and ssh and configuring sshd to only accept > connections from trusted hosts and require RSA authentication (no > rhosts, no password authentication). If you don't know how to do > this, don't run an IRC server. > > 6) if you need a flooder, try my joiner.pl. Read the source and > understand how it works and how to tune it before using it. Know > that it can (and will) crash your server if you didn't do 1) and > 2) properly. If you don't know how to do this, don't run an IRC > server. > > DES > -- > Dag-Erling Smorgrav - des@flood.ping.uio.no > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-stable" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SOL.4.05.9909201137450.25063-100000>