Alexander Motin wrote:

> 
> Even if pppoe have some DoS weaknesses it also have some protection
> mechanisms against it. It's a pity but ng_pppoe originally implements
> protocol in a way which does not allow this protection to be effectively
> used.

 ng_pppoe can always be rewritten :-)

> 
> As I have told 4.2 release contains overload protection which should
> also help against DoS attacks. I am not sure it will be able to handle
> 100Mbit/s flood of PADI requests from broken switch, but should avoid
> mpd freeze in such case.
> 
>> When having many users, it is useful to have high availability, so it
>> would be nice and useful to setup multiple pppoe servers . I've tried
>> that, using a router, connected
>> to 2 pppoe servers, and at every pppoe connection, a route was added to
>> the router  and when  user  disconnected,  the route was deleted from
>> router.  This is still a buggy implementation, we had problems messing
>> up routing table.
> 
> Having several PPPoE servers in one segment is a normal solution
> protocol. It is not so efficient now as it could be due to ng_pppoe
> implementation problem I have told, but it still should increase
> performance and stability.
> 
> What is about routing problems, you just should find good dynamic
> routing solution. I have successfully working network with hundred PPPoE
> servers and many thousands of users with routing successfully managed by
> quagga bgp.
> 
> 

-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Mpd-users mailing list
Mpd-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mpd-users

Reply via email to