Hi
It has been recommended practice to tune the kernel routing cache on FreeBSD for a while to be more resistant to certain types of DDOS attacks. This advice is even offered on some official FreeBSD pages.
But the relevant sysctl's are removed in FreeBSD 11. I cannot find any information as to why, I am aware it could be that the stack is now hardened that they no longer needed, or perhaps there is no longer a kernel route cache at all, but of course it also could be they got deleted because developers got sick of maintaining the code.
Has anyone got an idea of why they are gone? The relevant sysctl's are here.
It has been recommended practice to tune the kernel routing cache on FreeBSD for a while to be more resistant to certain types of DDOS attacks. This advice is even offered on some official FreeBSD pages.
But the relevant sysctl's are removed in FreeBSD 11. I cannot find any information as to why, I am aware it could be that the stack is now hardened that they no longer needed, or perhaps there is no longer a kernel route cache at all, but of course it also could be they got deleted because developers got sick of maintaining the code.
Has anyone got an idea of why they are gone? The relevant sysctl's are here.
Code:
net.inet.ip.rtmaxcache
net.inet.ip.rtexpire
net.inet.ip.rtminexpire