[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freebsd-isp
Subject:    Re: FreeBSD, quagga (BGP) and 2950 VLANs
From:       Daniel Pocock <daniel () lvdx ! com>
Date:       2005-09-26 21:50:05
Message-ID: 43386D0D.7000209 () lvdx ! com
[Download RAW message or body]


Chuck Swiger wrote:

> Daniel Pocock wrote:
> [ ... ]
>
>> I'm also curious about whether FreeBSD supports polled rather than 
>> interrupt driven behaviour in the NIC driver - that means that the 
>> system won't keep on re-entering an interrupt handler concurrently 
>> while under load (when a DoS attack is in progress).
>
>
> Indeed it does, see "man polling".
> Make sure you increase HZ to at least 1000...
>
Good news - I got the quagga and vlan stuff working.  Thanks for all 
those who gave tips on this issue.  It was surprisingly easy to get all 
this going and I'm now receiving a full BGP table from an upstream provider.

I'm now starting to look at how to filter packets that I am forwarding, 
to ensure that none of the people I connect to can use me as their 
default route (unless I give them permission to do so).  The FreeBSD 
docs mention three different packet filters - pf, ipfw and ipf.

Does any of these have specific benefits for a routing device that is 
forwarding 99.9% of it's traffic to other hosts, or is it just a 
question of personal preference?  The rules I intend to write are fairly 
simple, and I don't need any state-based stuff.

--------------------------------------
Director
London Voice and Data Exchange Limited
http://www.lvdx.com
--------------------------------------


["smime.p7s" (application/x-pkcs7-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]