| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 23 Jan 2011 17:38:49 +1100 From: Simon Horman <horms@...ge.net.au> To: "Michael S. Tsirkin" <mst@...hat.com> Cc: Rick Jones <rick.jones2@...com>, Jesse Gross <jesse@...ira.com>, Rusty Russell <rusty@...tcorp.com.au>, virtualization@...ts.linux-foundation.org, dev@...nvswitch.org, virtualization@...ts.osdl.org, netdev@...r.kernel.org, kvm@...r.kernel.org Subject: Re: Flow Control and Port Mirroring Revisited On Sat, Jan 22, 2011 at 11:57:42PM +0200, Michael S. Tsirkin wrote: > On Sat, Jan 22, 2011 at 10:11:52AM +1100, Simon Horman wrote: > > On Fri, Jan 21, 2011 at 11:59:30AM +0200, Michael S. Tsirkin wrote: > > > On Thu, Jan 20, 2011 at 05:38:33PM +0900, Simon Horman wrote: > > > > [ Trimmed Eric from CC list as vger was complaining that it is too long ] > > > > > > > > On Tue, Jan 18, 2011 at 11:41:22AM -0800, Rick Jones wrote: > > > > > >So it won't be all that simple to implement well, and before we try, > > > > > >I'd like to know whether there are applications that are helped > > > > > >by it. For example, we could try to measure latency at various > > > > > >pps and see whether the backpressure helps. netperf has -b, -w > > > > > >flags which might help these measurements. > > > > > > > > > > Those options are enabled when one adds --enable-burst to the > > > > > pre-compilation ./configure of netperf (one doesn't have to > > > > > recompile netserver). However, if one is also looking at latency > > > > > statistics via the -j option in the top-of-trunk, or simply at the > > > > > histogram with --enable-histogram on the ./configure and a verbosity > > > > > level of 2 (global -v 2) then one wants the very top of trunk > > > > > netperf from: > > > > > > > > Hi, > > > > > > > > I have constructed a test where I run an un-paced UDP_STREAM test in > > > > one guest and a paced omni rr test in another guest at the same time. > > > > > > Hmm, what is this supposed to measure? Basically each time you run an > > > un-paced UDP_STREAM you get some random load on the network. > > > You can't tell what it was exactly, only that it was between > > > the send and receive throughput. > > > > Rick mentioned in another email that I messed up my test parameters a bit, > > so I will re-run the tests, incorporating his suggestions. > > > > What I was attempting to measure was the effect of an unpaced UDP_STREAM > > on the latency of more moderated traffic. Because I am interested in > > what effect an abusive guest has on other guests and how that my be > > mitigated. > > > > Could you suggest some tests that you feel are more appropriate? > > Yes. To refraze my concern in these terms, besides the malicious guest > you have another software in host (netperf) that interferes with > the traffic, and it cooperates with the malicious guest. > Right? Yes, that is the scenario in this test. > IMO for a malicious guest you would send > UDP packets that then get dropped by the host. > > For example block netperf in host so that > it does not consume packets from the socket. I'm more interested in rate-limiting netperf than blocking it. But in any case, do you mean use iptables or tc based on classification made by net_cls? -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists