At 02:59 PM 16/08/2005, Pawel Jakub Dawidek wrote: >On Sat, Aug 13, 2005 at 02:23:51PM -0400, Mike Tancsa wrote: >+> Overnight I also let a copy of netperf run blasting various >network tests across the IPSEC tunnel and all was as expected. I >had to enable polling on the box as it was >+> getting dangerously close to livelock with the high level of >interrupts. At 1500 HZ its still quite fast, forwarding IPSEC >traffic at 60Mb/s and the box is VERY >+> responsive. Without the padlock.ko, it comes in just at 23Mb/s. > >Good news, but I think, I expected more... I think the processor is just really getting maxed out. 60Mb/s is still a very nice boost. And without polling, it was in the 80s which is pretty cool considering this is a very low end CPU Hz wise. Even unencrypted traffic at those rates makes the machine totally unresponsive due to the high interrupt load. +> Actually this happens in RELENG_6 as well. I have updated the PR with a crash dump and back trace. >Ok, I committed a fix to HEAD. >Here is the patch: > > http://people.freebsd.org/~pjd/patches/rijndael.patch Perhaps a lame question, but would it be possible to craft such a packet from the outside world to send as a DoS ? ---MikeReceived on Tue Aug 16 2005 - 17:53:27 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:41 UTC