tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: ndp

On Wed, Feb 20, 2013 at 12:52:25AM +0000, George Michaelson wrote:
> I have accidentally participated in an apparent DoS like this, when a 
> diagnostic 'is IPv6 working' account I hosted leaked to the wrong /32 and 
> an ISP somewhere in South America started to get saturated by a walk 
> across their announced space.
> I believe there are commercial implementations of switch logic which do 
> some kind of ageing out of the ND cache to set limits on growth. Maybe a 
> Ptree for this stuff in NetBSD needs a timer, and a background process to 
> mark/sweep idle entries.

A background process won't run at the required interval - under stress
it won't be often enough, and the rest of the time it is too often.

If you just timestamp the entries you can prune idle ones during insert
(which is code that will already have the tree write locked).
The code also need only worry about items it the branch of the tree
it is processing.


David Laight:

Home | Main Index | Thread Index | Old Index