Re: Linux Router distro's with dual stack capability

["Kevin Oberman" <oberman () es net>]

> Date: Thu, 11 Feb 2010 18:20:13 -0500
> From: Chuck Anderson <cra () WPI EDU>
>
> On Thu, Feb 11, 2010 at 04:12:03PM -0600, William Pitcock wrote:
> > On Thu, 2010-02-11 at 13:05 -0500, Jack Carrozzo wrote:
> > > Lots of people roll FreeBSD with Quagga/pf/ipfw for dual stack. See
> > > the freebsd-isp list.
> >
> > FreeBSD's network stack chokes up in DDoS attacks due to interrupt
> > flooding.  We used to use FreeBSD for firewalling and basic routing, but
> > when noticing that we had horizontal scalability (e.g. a Celeron 667mhz
> > performed nearly as well as a dual dual-core Xeon system when DDoS
> > attacks happened), we switched to Vyatta, and generally have not looked
> > back.
>
> Have you tried using FreeBSD's polling mode instead of interrupt mode?
>
> No experience with it myself, but it sounds cool:
>
> http://info.iet.unipi.it/~luigi/polling/

Polling is excellent for low speed lines, but for Gig and faster, most
newer interfaces support interrupt coalescing. This easily resolves the
issue in hardware as interrupts are only issued when needed but limited
to a reasonable rate, Polling does not use interrupts, but consumes
system resources regardless of traffic.

FreeBSD has supported polling for a long time (V6?) and interrupt
coalescing since some release of V7. (Latest release is V8.)
-- 
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman () es net                       Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4  EADA 927D EBB3 987B 3751