Alexander Motin wrote: > > Even if pppoe have some DoS weaknesses it also have some protection > mechanisms against it. It's a pity but ng_pppoe originally implements > protocol in a way which does not allow this protection to be effectively > used.
ng_pppoe can always be rewritten :-) > > As I have told 4.2 release contains overload protection which should > also help against DoS attacks. I am not sure it will be able to handle > 100Mbit/s flood of PADI requests from broken switch, but should avoid > mpd freeze in such case. > >> When having many users, it is useful to have high availability, so it >> would be nice and useful to setup multiple pppoe servers . I've tried >> that, using a router, connected >> to 2 pppoe servers, and at every pppoe connection, a route was added to >> the router and when user disconnected, the route was deleted from >> router. This is still a buggy implementation, we had problems messing >> up routing table. > > Having several PPPoE servers in one segment is a normal solution > protocol. It is not so efficient now as it could be due to ng_pppoe > implementation problem I have told, but it still should increase > performance and stability. > > What is about routing problems, you just should find good dynamic > routing solution. I have successfully working network with hundred PPPoE > servers and many thousands of users with routing successfully managed by > quagga bgp. > > ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Mpd-users mailing list Mpd-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/mpd-users
