From: Tom Herbert
Date: Mon, 11 Dec 2017 14:16:17 -0800
> How can we build a system that allows an unlimited number of
> resolutions without drop?
IPV4 routing solves this with a prefixed trie, for example.
The fundamental backing datastructure for the switching
or whatever operation must be in
On Mon, Dec 11, 2017 at 2:16 PM, Tom Herbert wrote:
> On Mon, Dec 11, 2017 at 1:34 PM, David Miller wrote:
>> From: Tom Herbert
>> Date: Mon, 11 Dec 2017 12:38:28 -0800
>>
>>> DOS mitigations:
>>>
>>> - The number of outstanding resolutions is limited by the size of the
>>> table
>>> - Timeout
On Mon, Dec 11, 2017 at 1:34 PM, David Miller wrote:
> From: Tom Herbert
> Date: Mon, 11 Dec 2017 12:38:28 -0800
>
>> DOS mitigations:
>>
>> - The number of outstanding resolutions is limited by the size of the
>> table
>> - Timeout of pending entries limits the number of netlink resolution
>>
From: Tom Herbert
Date: Mon, 11 Dec 2017 12:38:28 -0800
> DOS mitigations:
>
> - The number of outstanding resolutions is limited by the size of the
> table
> - Timeout of pending entries limits the number of netlink resolution
> messages
> - Packets are not queued that are pending resolutio
This patch implements generic in-kernel network resolver. The idea is
that an LWT "resolver" route is set in the kernel to cover some prefix.
When a packet hits the route a netlink message is fired to request
resolution and pending resolutions are tracked in a table.
Route resolution works in the
