Re: Firewalling and network resource consumption while under attack

david (david@kalifornia.com)
Mon, 21 Sep 1998 08:43:06 -0700


Reply to mail from Alan Cox about Firewalling and network resource consumption while under attack
-----------------
>> However when the rate reached 8,000pps, new connections were -very- lagged
>> and most current connections stalled. Even those on the local network.
> What bandwidth is your link. If someone floods you with the full link
> bandwidth then the upstream ISP is needed to control it. Fortunately at
> those kind of rates it is very traceable.

16Mb/s burst to 34Mb/s. The traffic was reaching approximately 8Mb/s total
and the SYNs were spoofed. Trying to deal with the provider NOC on a
weekend is like trying to convince the entire world never to buy m$ again.

>> I haven't looked at the networking code, but the supposition is that the
>> firewall should drop the offending packets and not allow them to consume
>> my entire stack.
>
> No. The firewall can't magically tell who was a "good" connection, and
> if as I suspect you simply ran out of bandwidth you lose. The first rule
> of information and real warfare is the same "man with biggest club wins"

If a firewall rule is in place to drop the packet on the floor, should
those packets still be allowed to consume the entire network stack?
Shouldn't there be a bit reserved for the communications that are already
in place?

I had plenty of bandwidth remaining. If I went out to the world, I got
there. A tad lagged, but it was successful. If I tried another connection
on the target machine, it took a long time and eventually connected, but
stalled after that. Of the six running connections I had (all ssh), all
but two of them stalled.

It sounds like the firewall is dropping the packets late in the game after
the packets have already done their damage. That being consuming
resources. Is this changeable?

-d

-- 
Look, Windows 98  Buy, lemmings, buy!  MCSE, Must Consult Someone Experienced
(c) 1998 David Ford.  Redistribution via the Microsoft Network is prohibited.
 for linux-kernel: please read linux/Documentation/* before posting problems
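The message above describes a spoofed SYN flood at roughly 8,000 pps whose packets the firewall only discards after they have already consumed stack resources. The script below is an added example, not code from this thread or from the kernel; it shows the measurement a defender wants in hand before calling the upstream NOC: the per-second rate of bare SYNs and how many distinct source addresses they come from, which separates a spoofed flood from one busy legitimate client. The log format, the sample lines and the addresses (documentation ranges) are all constructed for the example; a real deployment would feed it tcpdump or firewall log output after adjusting the regular expression.

```python
"""Per-second SYN-rate check over packet log lines (constructed sample data)."""
import re
from collections import defaultdict

# Constructed log format, one inbound packet per line:
#   <epoch seconds> <src ip> > <dst ip>:<dst port> [<tcp flags>]
# Flags use tcpdump-style letters: S = SYN, . = ACK, P = PSH, F = FIN.
LINE_RE = re.compile(r"^(\d+)\s+(\S+)\s+>\s+(\S+):(\d+)\s+\[(\S+)\]$")

# Ordinary traffic: a few handshakes from a handful of hosts (constructed).
NORMAL_LINES = [
    "1000 192.0.2.10 > 198.51.100.5:22 [S]",
    "1000 192.0.2.10 > 198.51.100.5:22 [.]",
    "1000 192.0.2.11 > 198.51.100.5:22 [S]",
    "1001 192.0.2.11 > 198.51.100.5:22 [.]",
    "1001 192.0.2.10 > 198.51.100.5:22 [P.]",
    "1001 192.0.2.12 > 198.51.100.5:80 [S]",
]


def flood_lines(second, count):
    """Constructed burst: `count` bare SYNs in one second, each from a
    different (spoofed-looking) source address in a documentation range."""
    return [f"{second} 203.0.113.{i % 254 + 1} > 198.51.100.5:22 [S]"
            for i in range(count)]


# Constructed sample: two quiet seconds followed by one flood second.
SAMPLE_LOG = NORMAL_LINES + flood_lines(1002, 40)


def parse(line):
    """Return (second, src, dst, dport, flags) or None for a malformed line."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts, src, dst, dport, flags = m.groups()
    return int(ts), src, dst, int(dport), flags


def syn_buckets(lines):
    """Map each second to (bare_syn_count, distinct_source_count).

    Only bare SYNs (SYN set, ACK clear) are counted: those are the packets
    that create half-open entries in the listen backlog, so they are the
    ones that matter for resource consumption."""
    counts = defaultdict(int)
    sources = defaultdict(set)
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue  # skip lines that do not match the expected format
        ts, src, _dst, _dport, flags = rec
        if "S" in flags and "." not in flags:
            counts[ts] += 1
            sources[ts].add(src)
    return {ts: (counts[ts], len(sources[ts])) for ts in counts}


def flood_seconds(lines, pps_threshold, unique_ratio=0.8):
    """Seconds whose bare-SYN rate exceeds pps_threshold and whose sources
    are almost all distinct (distinct / SYNs >= unique_ratio).

    A single legitimate client retrying hard has a low ratio; a spoofed
    flood, where every SYN carries a different source, has a ratio near 1."""
    flagged = []
    for ts, (n, uniq) in sorted(syn_buckets(lines).items()):
        if n > pps_threshold and uniq / n >= unique_ratio:
            flagged.append((ts, n, uniq))
    return flagged


if __name__ == "__main__":
    # Threshold scaled down for the tiny constructed sample; against real
    # captures it would be set from the host's normal SYN rate.
    for ts, n, uniq in flood_seconds(SAMPLE_LOG, pps_threshold=10):
        print(f"second {ts}: {n} bare SYNs from {uniq} distinct sources")
```

The ratio of distinct sources to SYNs is the part worth keeping: it is what turns "the rate is high" into "the sources are spoofed", which is the statement an upstream provider can act on.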

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/