Which is yet another good reason to implement early demux/lazy
processing. Basically, all packet processing is punted over to the
socket structure from the device driver. If the socket queue is
overfull, we drop the packet. If we get a packet for an unbound
service, we can either drop or pass it along to a kernel response
thread. If we get a new connection request, it gets delivered to the
listen()ing socket. By tailoring the backlog and priorities of each of
these threads, we can tailor overload charateristics of the box for
optimal performance. With some protocols it may be possible to do early
demux in hardware, without even interrupting the CPU for flood attacks.
Of course, network performance will still suffer due to collisions, but
your box won't fall over and die.
Zach Amsden
zamsden@engr.sgi.com
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/