nanog mailing list archives
Re: Software router state of the art
From: Florian Weimer <fw () deneb enyo de>
Date: Mon, 28 Jul 2008 22:42:08 +0200
* Joe Greco:
I'm not sure where the claims about "{one, few} flow{s}" are coming from. Certainly the number of flows on a typical UNIX box acting as a router is not that relevant unless you specifically configure something like stateful firewalling, because the typical UNIX box simply doesn't have a *concept* of "flows." It deals with packets.
You are mistaken. Linux routing is flow-based. Ever wondered what those "dst cache overflow" messages mean you see during a DoS attack? It's the flow cache complaining that it can't expire records in an organic manner. I don't know much about FreeBSD. I think it got a route cache after FreeBSD 4, too. That's the reason why the FreeBSD 4 IP stack is still so popular.
Current thread:
- Re: Software router state of the art, (continued)
- Re: Software router state of the art Kevin Day (Jul 28)
- Re: Software router state of the art Aaron Glenn (Jul 28)
- Re: Software router state of the art Eugeniu Patrascu (Jul 29)
- RE: Software router state of the art michael.dillon (Jul 28)
- Re: Software router state of the art Seth Mattinen (Jul 28)
- Re: Software router state of the art Rev. Jeffrey Paul (Jul 28)
- Re: Software router state of the art Andrew D Kirch (Jul 28)
- Re: Software router state of the art Seth Mattinen (Jul 28)
- Re: Software router state of the art Joe Greco (Jul 28)
- Re: Software router state of the art Bill Nash (Jul 28)
- Re: Software router state of the art Florian Weimer (Jul 28)
- Re: Software router state of the art Naveen Nathan (Jul 23)
- Re: Software router state of the art Christopher Morrow (Jul 23)
- Re: Software router state of the art Wes Young (Jul 23)