kern/189720: [ipfw] [patch] pps action for ipfw
bycn82
bycn82 at gmail.com
Sat May 31 09:07:01 UTC 2014
>
> What is the "use case" of this addition? Is this objective to limit the mischief
> on a certain port, for example ntp or port 53?
>
> I can appreciate the need to limit the number of packets during, say a DDOS
> event, but I'm struggling with why I would want less that 1 packet per second.
>
The original propose is "packet per second", I met this kind of requirement , for example ,if you network appliance want to support 10 queries per second, then you cannot use dummynet because the query packets are not fixed size.
> Is the idea of pps meant to remove the need of dummynet where it is used
> in almost trivial cases? Though if this were the case, then bps (bits per
> second) may be more useful?
>
So in the beginning , the option is named “PPS”, and it accepts only 1 parameter. But Luigi said “10 per second” is different from “1 per 100 ms” and “1 per 100 ms” should be better!
> Dewayne.
>
More information about the freebsd-ipfw
mailing list