From mboxrd@z Thu Jan 1 00:00:00 1970 From: Karl Gaissmaier Date: Thu, 22 Aug 2002 20:55:57 +0000 Subject: Re: [LARTC] Q: best solution to stop traffic to huge amount of Message-Id: List-Id: References: In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org Robert Collier schrieb: > > Hi Karl, > > I don't have any suggestions for an easy way to solve your problem - > but: > > On Thu, Aug 22, 2002 at 09:38:58AM +0200, Karl Gaissmaier wrote: > > With ip route I think I have to describe all unregistered hosts > > to stop traffic and not the smaller amount of registered hosts. > > Does the FIB and route cache scale well to approx 30k routes? > > With 'large routing tables' enabled the kernel works just fine with a > full internet routing table of 115,000 routes so a mere 30,000 should > be a doddle. > > Your main problem will be getting the routes into the kernel. Yes this is a problem. I tried for fun to build a 64k routing table with: ip route add type prohibit 10.0.i.j (i=0..255; j=0..255) and this took more than one hour on my home desktop (old pentium 90) to fill the routing table. Even if I know that this is pretty old stuff I was astonished over this slow progress. The question that arises is now for me, how long does it take for a full internet routing table to get synchronized after a route flush with a linux router? Anyway, you told me that the kernel works fine with 115k routes but be aware I will use this with Gigabit Interfaces. What is the average forwarding time in ms for a packet with 115k routes? Best regards and thanks for your answer Charly -- Karl Gaissmaier Computing Center,University of Ulm,Germany Email:karl.gaissmaier@rz.uni-ulm.de Network Administration _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/