On Sun, 29 Jul 2001 kuznet@ms2.inr.ac.ru wrote: > Hello! > > > The aim of TCP SYN policing is to prevent server overload by discarding > > connection requests > > Well, I alluded to this particularly. :-) > > But if Sridhar meaned this saying about SYN policing, I would > prefer this, rather than bare prioritization, which is pretty > dubious when taken alone. Alexey, Yes. I also meant that in kernel prioritization of connections needs to be complemented with SYN policing so that starvation of a particular class of connections is avoided. We do mention this in our HOWTO for our patch. I also agree with your suggestion that an enhancement to our patch can be to reserve some slots for each class based on the priority and drop lower priority connections even when accept queue is not full. I am not sure how much overhead is involved in maintaining the the no. of slots left for each priority class. Also what should be the ratio of slots that need to reserved for each class? Do you think that the existing PAQ patch with SYN policing is a reasonable way for prioritizing incoming connection requests? Or will it be worthwhile to enhance our patch to add dropping of connections based on priority. Preempting existing low priority connections in acceptq with high priority ones may not be good idea as we need to abort them by sending a RST. Thanks Sridhar > > Alexey > - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org
