Date: Sat, 29 Aug 2015 14:12:04 +0700 From: Hien Phan <phanquochien@gmail.com> To: Dmitry Mikhailov <dmitry@pushware.net> Cc: freebsd-questions@freebsd.org Subject: Re: syncookie CPU load Message-ID: <CABtQ6wRW7t7aSjirJcAZgQUDa42a6tek6%2B_vHuFXW=sm4bHGEA@mail.gmail.com> In-Reply-To: <2142623530.346.1440828562305.JavaMail.zimbra@pushware.net> References: <2142623530.346.1440828562305.JavaMail.zimbra@pushware.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello, pf has built-in synproxy support, you could try it. On Sat, Aug 29, 2015 at 1:09 PM, Dmitry Mikhailov <dmitry@pushware.net> wrote: > Doing a SYN flood test with FreeBSD on Xeon D (8 core) with syncookies > enabled and the CPU load is around 20% (interrupts) at 150K pps. Is there > any way reconfigure FreeBSD to bring this load down? Linux has a solution > with netfilter synproxy which would not notice this low pps rate so I am > wondering whether something similar is possible with FreeBSD? > > Dmitry > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CABtQ6wRW7t7aSjirJcAZgQUDa42a6tek6%2B_vHuFXW=sm4bHGEA>