Re: Problem with ICMP rate limiting and redirects

Problem with ICMP rate limiting and redirects · Hugo Vasconcelos Saldanha <hidden> · 2015-09-30
Re: Problem with ICMP rate limiting and redirects · Eric Dumazet <hidden> · 2015-09-30
Re: Problem with ICMP rate limiting and redirects · Hugo Vasconcelos Saldanha <hidden> · 2015-09-30
Re: Problem with ICMP rate limiting and redirects · Eric Dumazet <hidden> · 2015-09-30
Re: Problem with ICMP rate limiting and redirects · Hugo Vasconcelos Saldanha <hidden> · 2015-10-01
Re: Problem with ICMP rate limiting and redirects · Eric Dumazet <hidden> · 2015-10-01

From: Eric Dumazet <hidden>
Date: 2015-10-01 20:53:05

On Thu, 2015-10-01 at 15:38 -0300, Hugo Vasconcelos Saldanha wrote:

Thanks for pointing that out.

But how should all the sysctl's that control ICMP messages sent to
specific targets (icmp_ratelimit, redirect_load, redirect_number,
redirect_silence, error_cost and error_burst) be treated without
relying on inetpeer? Entries in ip_idents hash don't represent
specific targets. Am I missing something?


You could still rely on inetpeer if its size is controlled and capped.

And then fallback to ip_idents hash if inetpeer tree gets too big.

Best effort would be enough.

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help