Linux IPv6 router table size.

Ted Mittelstaedt tedm at ipinc.net
Sun Jan 16 06:41:18 CET 2011


On 1/15/2011 4:09 PM, Richard Hartmann wrote:
> On Sat, Jan 15, 2011 at 22:23, Ted Mittelstaedt<tedm at ipinc.net>  wrote:
>
>>   Keep in mind that in both Linux and FreeBSD (FreeBSD having the same
>> problem) that the formula that calculates the max route size isn't
>> assuming the system is going to be used as a BGP router.
>
> Intended purpose of any given system notwithstanding, if I put 4097
> routes into my FIB, I expect 4097 routes to end up in my FIB. How or

Then why are you letting quagga off the hook here?  Why allow the
quagga program get away with failing to add the 4097th route
when quagga could easily have used the sysctl to see that the
max route size had been hit and then proceeded to adjust it to add
the route?

> why they are put in there is of no concern to the anyone. This view is
> supported by the fact that there is no such limit for IPv4 routes.

That is incorrect.  There is a limit on IPv4 routes, it is dependent on
total system memory.

> Also, please note that I either need to start a daemon with root
> privileges or root to inject routes manually. It's not as if this
> could be abused as a local DoS exploit.
>
> Long story short, Jan, please report it to netdev at . I am sure this is
> an oversight and not by design. If they disagree, and I don't expect
> that they will, I will happily argue in your favor over there :)
>

I think your still completely missing the point.  Yes it isn't a good
idea to hard code a limit in an OS if there is a better way to calculate
the value.  Obviously in this case there is since they are using that 
for IPv4 and it seems like an oversight that they couldn't just do the
same for IPv6 routes.

But it also is poor programming practice for a program to punt an error
back to the user that the program can handle itself.  Quagga could have
done 2 things here.  First, when it started, it could have checked out 
the system and issued a message to the user for any system parameters 
that appear to be too low - such as the max route limit, or buffers, 
etc.  Second it could have raised the parameter itself - unless on
Linux the limit isn't settable after the system is booted.

Ted

>
> Richard
>




More information about the ipv6-ops mailing list