[122327] in North American Network Operators' Group
Re: Linux Router distro's with dual stack capability
daemon@ATHENA.MIT.EDU (Chuck Anderson)
Thu Feb 11 18:20:48 2010
Date: Thu, 11 Feb 2010 18:20:13 -0500
From: Chuck Anderson <cra@WPI.EDU>
To: nanog@nanog.org
Mail-Followup-To: nanog@nanog.org
In-Reply-To: <1265926323.19057.12.camel@petrie.dereferenced.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Thu, Feb 11, 2010 at 04:12:03PM -0600, William Pitcock wrote:
> On Thu, 2010-02-11 at 13:05 -0500, Jack Carrozzo wrote:
> > Lots of people roll FreeBSD with Quagga/pf/ipfw for dual stack. See
> > the freebsd-isp list.
>
> FreeBSD's network stack chokes up in DDoS attacks due to interrupt
> flooding. We used to use FreeBSD for firewalling and basic routing, but
> when noticing that we had horizontal scalability (e.g. a Celeron 667mhz
> performed nearly as well as a dual dual-core Xeon system when DDoS
> attacks happened), we switched to Vyatta, and generally have not looked
> back.
Have you tried using FreeBSD's polling mode instead of interrupt mode?
No experience with it myself, but it sounds cool:
http://info.iet.unipi.it/~luigi/polling/
