Possible DoS in mpd 5.6 pppoe server
Eugene Grosbein
egrosbein at rdtc.ru
Sun Apr 21 13:59:47 UTC 2013
On 21.04.2013 06:08, Marcelo Gondim wrote:
> Em 20/04/13 14:33, Eugene Grosbein escreveu:
>> On 21.04.2013 00:26, Marcelo Gondim wrote:
>>
>>>> You seem to use dummynet and the problem is not in mpd/pppoe code,
>>>> it's it the dummynet code. Look at http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/162558
>>>> for workarounds.
>>> Ok :) I will try this:
>>>
>>> - net.isr.bindthreads=1 in /boot/loader.conf;
>>> - net.isr.direct=1 and net.isr.direct_force=1 in /etc/sysctl.conf
>> For 9.x and newer, net.isr.XXX knobs names have changed but defaults are fine -
>> if you have not messed them, you should be OK.
>>
>>
>>
> Eugene,
>
> Does FreeBSD 8.3-STABLEis best for this use or this problem also occurs
> in 8.x?
I have not tried anything newer than 8.x for this task yet.
With noted tuning, this problem within dummynet occurs very seldom for me.
I had about two or three panics for many months. Another one described here:
http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/171711
Perhaps, using ng_car would be even more stable, I have not tried it.
Eugene Grosbein
More information about the freebsd-stable
mailing list