North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Negative ARP caching [was Re: TCP session disconnection caused byCode Red? ]
Probably a bad idea. Rate limiting, as RFC 1122 suggests, would seem to be much better.Agree that rate-limiting is a good idea (indeed that's INCOMPLETE[n] and [t1] in my proposal) but I don't see how it helps here.
Or to put it another way: So if you are storing sufficient state in the OS to do rate-limiting (i.e. keeping state on incomplete / nonexistant entries too), then put it to some use, and (say) halve the rate-limit every time one proves non-existant (and you drop the queued packet(s)), (i.e. twice as many seconds between ARP packets), down to some minimum, like one every 5 mins, and reset the rate limit on reception of any IP packet from that machine and/or successful ARP. This is almost the same thing as I suggested, but looks more like rate limiting, with some intelligence as to the rate. -- Alex Bligh Personal Capacity