I think it is a good idea to limit the number of concurrent connects in bgpd. I used 32 as the limit since that is way enough for the number of RTR sessions people will configure.
If the limit is hit the request will be dropped and the rtr process will retry the connect after the retry timeout. Hopefully by then the number of connections is down again. -- :wq Claudio Index: bgpd.c =================================================================== RCS file: /cvs/src/usr.sbin/bgpd/bgpd.c,v retrieving revision 1.236 diff -u -p -r1.236 bgpd.c --- bgpd.c 11 May 2021 07:57:24 -0000 1.236 +++ bgpd.c 11 May 2021 08:00:25 -0000 @@ -74,6 +74,7 @@ struct connect_elm { TAILQ_HEAD( ,connect_elm) connect_queue = \ TAILQ_HEAD_INITIALIZER(connect_queue); u_int connect_cnt; +#define MAX_CONNECT_CNT 32 void sighdlr(int sig) @@ -1303,6 +1304,12 @@ bgpd_rtr_connect(struct rtr_config *r) struct connect_elm *ce; struct sockaddr *sa; socklen_t len; + + if (connect_cnt >= MAX_CONNECT_CNT) { + log_warnx("rtr %s: too many inflight connection requests", + r->descr); + return; + } if ((ce = calloc(1, sizeof(*ce))) == NULL) { log_warn("rtr %s", r->descr);
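Review bot: In the first hunk (bgpd.c around line 74), `#define MAX_CONNECT_CNT 32` is added without a comment saying what it bounds or why 32 was chosen. The rationale currently lives only in the mail, so a one-line comment stating that it caps the in-flight connect requests counted by connect_cnt would help. Placing the define above the `u_int connect_cnt;` declaration would also read more naturally, since the limit would then precede the counter it applies to.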
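Review bot: In the bgpd_rtr_connect() hunk, the new early return on `connect_cnt >= MAX_CONNECT_CNT` is only safe if connect_cnt reliably goes back down, and the code that increments and decrements it is not part of this diff. Please confirm that every way a queued connect can end (success, failure, timeout) decrements the counter. If one path misses it, the counter stays at the limit and every later request is dropped. Also note that log_warnx() fires for each dropped request, so a sustained backlog repeats the warning on every retry. Consider whether that log volume is wanted.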