| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 30 Apr 2021 14:04:34 -0400
From: Matt Corallo <netdev-list@...tcorallo.com>
To: Eric Dumazet <edumazet@...gle.com>
Cc: Willy Tarreau <w@....eu>, "David S. Miller" <davem@...emloft.net>,
netdev <netdev@...r.kernel.org>,
Alexey Kuznetsov <kuznet@....inr.ac.ru>,
Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>,
Keyu Man <kman001@....edu>
Subject: Re: [PATCH net-next] Reduce IP_FRAG_TIME fragment-reassembly timeout
to 1s, from 30s
On 4/30/21 13:53, Matt Corallo wrote:
>
> Buffer bloat exists, but so do networks that will happily drop 1Mbps of packets. The first has always been true, the
> second only more recently has become more and more common (both due to network speed and application behavior).
It may be worth noting, to further highlight the tradeoffs made here - that, given a constant amount of memory allocated
for fragment reassembly, *under* estimating the timeout will result in only loss of some % of packets which were
reordered in excess of the timeout, whereas *over* estimating the timeout results in complete blackhole for up to the
timeout in the face of material packet loss.
This asymmetry is why I suggested possibly random eviction could be useful as a different set of trade-offs, but I'm
certainly not qualified to make that determination.
Thanks again for your time and consideration,
Matt
Powered by blists - more mailing lists