jumbograms (& em) & nfs a no go
Michal Mertl
mime at traveller.cz
Sun Nov 2 05:11:08 PST 2003
On Sat, 1 Nov 2003, Terry Lambert wrote:
> I think at this point, you are going to have to look at the
> sources; IMO, it's a problem in some code that calls the
> ether_output() function directly with too large a packet, and
> since NFS doesn't manually implement TCP, that's not it.
>
> Hmmm. Is this maybe UDP? If so, the easiest fix is "don't
> use UDP"; FreeBSD's UDP fragment reassembly code sucks anyway,
> and gives an excellent means of implementing a DOS attack on
> the target system's available mbufs.
>
> If it's UDP, and you insist on it working, you might want to
> make sure that the packet goes through the UDP fragmentation
> and NFS rsize/wsize limitation code.
>
I noticed in src/sys/dev/em/README that there are problems with jumbograms
and UDP so I use TCP.
--
Michal Mertl
More information about the freebsd-current
mailing list