On Mon, 15 Mar 2004, David S. Miller wrote: > To be honest, while I'm not against making the tables a little bigger, > for ARP "WHO THE FUCK CARES" if another 100 cycles or so are burnt on > a lookup. What setup do you have where ARP performance is a real issue? > > Your original email was nice in describing the fact that ARP does not > scale, but you've made no foundation on which to erect a claim that > scalability for ARP (and thus the added complexity/changes) is even > necessary. Consider the similar on large subnets (e.g., used with bridged DSL -- a /19 is not uncommon), or with IPv6. Isn't there a problem when an outside attacker brute-force pings every IP address in some order? The intent here is to overload the router to do a lot of ARP/ND requests which result to nothing. Did I misunderstand or is this also something remedied by this patch? At least, this particular feature could be very useful. FWIW, for IPv6, this specific attack has been described in http://www.ietf.org/internet-drafts/draft-ietf-send-psreq-04.txt section 4.3.2. -- Pekka Savola "You each name yourselves king, yet the Netcore Oy kingdom bleeds." Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
