[RP-PPPoE] pppoe-server efficiency (was Re: IPv6 support)
David F. Skoll
dfs at roaringpenguin.com
Thu Aug 1 08:35:47 EDT 2013
On Wed, 31 Jul 2013 16:33:52 -0700
Insane Laughing Clown <mike-rppppoe at tiedyenetworks.com> wrote:
[...]
> A client can jump into any state it wants to and frequently these
> fucking bullshit walmart brand home routers do the weirdest stuff you
> can imagine.
Yes, but unless the client has done the PADI-PADR round-trip, the server
will just ignore it (true, it will have to spend a bit of time looking
at the packets...)
[...]
> > That's where the -x option would come in handy and I agree... it
> > needs to be made more efficient. All that's needed is to make
> > count_sessions_from_mac more efficient and to use a doubly-linked
> > list for quick deletion of busy sessions.
> How would you implement that for the case where -x is greater than 1?
You have a hash table with the MAC adress as the key and a count of
sessions as the value. When a session is created or destroyed, you update
the count. Those operations have expected time complexity O(1).
I haven't played extensively with the PPPoE server and misbehaving clients,
so I'm sure there are many creative ways to DoS it, but it seems to me
an efficient handling of the "-x" option would go a long way to mitigate
this.
Regards,
David.
More information about the RP-PPPoE
mailing list