> Hello!
>
> > The aim of TCP SYN policing is to prevent server overload by discarding
> > connection requests
>
> Well, I alluded to this particularly. :-)
>
> But if Sridhar meaned this saying about SYN policing, I would
> prefer this, rather than bare prioritization, which is pretty
> dubious when taken alone.
Alexey,
Yes. I also meant that in kernel prioritization of connections needs to be
complemented with SYN policing so that starvation of a particular class of
connections is avoided. We do mention this in our HOWTO for our patch.
I also agree with your suggestion that an enhancement to our patch can be
to reserve some slots for each class based on the priority and drop lower
priority connections even when accept queue is not full.
I am not sure how much overhead is involved in maintaining the the no. of
slots left for each priority class. Also what should be the ratio of slots
that need to reserved for each class?
Do you think that the existing PAQ patch with SYN policing is a reasonable
way for prioritizing incoming connection requests? Or will it be worthwhile
to enhance our patch to add dropping of connections based on priority.
Preempting existing low priority connections in acceptq with high priority
ones may not be good idea as we need to abort them by sending a RST.
Thanks
Sridhar
>
> Alexey
>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/