Subject: kern/7586: denial of service from mbuf exhaustion.
To: None <gnats-bugs@gnats.netbsd.org>
From: Bill Sommerfeld <sommerfeld@orchard.arlington.ma.us>
List: netbsd-bugs
Date: 05/14/1999 20:21:57
>Number:         7586
>Category:       kern
>Synopsis:       denial of service from mbuf exhaustion.
>Confidential:   yes
>Severity:       serious
>Priority:       high
>Responsible:    kern-bug-people (Kernel Bug People)
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Fri May 14 20:20:01 1999
>Last-Modified:
>Originator:     Bill Sommerfeld
>Organization:
	
>Release:        1.4
>Environment:
	
System: NetBSD orchard.arlington.ma.us 1.4A NetBSD 1.4A (ORCHARDII) #60: Tue May 4 11:31:35 EDT 1999 sommerfeld@orchard.arlington.ma.us:/usr/src/sys/arch/i386/compile/ORCHARDII i386


>Description:
	it's far too easy to wedge up a system by consuming all
	available mbuf clusters... simply set up a bunch of sockets
	for reading, give them a huge rcvbuf size, and fire stuff at
	it and never read anything .

>How-To-Repeat:
	discovered from watching sysmond (a random freeware network
	monitoring station) hose a system when it failed to service
	sockets regularly.
>Fix:
	add "reclaim" functions (called when the system is under
	memory pressure) which rip packets out of datagram and raw
	socket receive buffers if the buffers are too "old".

	it's not immediately obvious how to fix this for tcp sockets.
	(short of limiting the advertised window based on actual
	buffer space and precommitting buffers to each connection).
>Audit-Trail:
>Unformatted: