On Fri, 31 Dec 2021, 20:55 Daryll Swer, <daryllswer15@xxxxxxxxx> wrote:
Hi FolksSo I will get straight to the point, I am trying to figure out some answers on icmp_ratelimit and icmp_ratemask based on the man page.The questions are:
- How can we determine the Packet per second rate on any given rate-limit value (say 10)?
The values of icmp_ratelimit are expressed in milliseconds. The default is 1000 milliseconds.
Therefore, as in your questions, a limit of 10 milliseconds means that the rate limit is 1 message per 10 millisecond, that is 100 messages per second.
Where is the problem?
Please don't ask people here to do the trivial homework for you. :(
Maybe that this the reason why nobody has yet answered your 10 days old questions...
- Without of course going the hard way of benchmarking it by ICMP flooding.
This is not needed and, honestly, I cannot understand why you need to test it...
Please read the manual and my words one more time.
- Just what exactly is the correct mask in Binary form to include all known ICMP types instead of just the default mask? Been having a hard time with this one.
It's simple to build it. Read again the section about icmp_ratemask.
In the above-mentioned section there is a list with all types of ICMP messages. The construction of a mask is also explained with a very comprehensible example.
- Do we have something of this nature for IPv6 in the Kernel? I don't see it in most Linux based NetworkOSes as a documented feature.
Check it by yourself. Do you have a /proc/sys/net/ipv4 directory? Well, you should also have a /proc/sys/net/ipv6 unless you've disabled IPv6.
Look at the ./ipv6 directory and then under ./icmp.
Regards,
Fabio M. De Francesco
_______________________________________________ Kernelnewbies mailing list Kernelnewbies@xxxxxxxxxxxxxxxxx https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
