What is the biggest attack in GBPS you stopped

Harvy66

So 10Mb/s of special traffic against your greater than 10Mb/s link caused the link to fail? Did the firewall stop working or only the link go down?

Supermule

Firewall stopped routing traffic. Link was fine.

Lots of packetloss once again.

Harvy66

So same issue as before, firewall is the weakest link, not the bandwidth? Maybe 2.3.

Any news from the FreeBSD side of things?

Supermule

Not yet. They are digesting the attack that I did yesterday and curretnly looking at states not beeing freed as they should…. AFAIK.

torontob

Did this end up in nowhere with the issue still being there?

Supermule

Still working on it.

Supermule

https://lists.freebsd.org/pipermail/freebsd-announce/2015-July/001655.html

Latest update.

peterclark4

@Supermule:

https://lists.freebsd.org/pipermail/freebsd-announce/2015-July/001655.html

Latest update.

Does this need to be included in 2.2.4 before it is released?

Supermule

That would be a very good idea if possible!

Opnsense has this fix done allready and a full release on friday.

maverick_slo

Do they have snapshot that you could test?

Supermule

Waiting for the update to come. I will update and report back.

Harvy66

@peterclark4:

@Supermule:

https://lists.freebsd.org/pipermail/freebsd-announce/2015-July/001655.html

Latest update.

Does this need to be included in 2.2.4 before it is released?

You beat me to it. This thread is the first thing I thought about when I saw this in G+

https://www.freebsd.org/security/advisories/FreeBSD-SA-15:13.tcp.asc

Harvy66

Supermule, is this directly related to what you've been digging into?

Supermule

Could very well be.

tim.mcmanus

So you haven't tested it?  It's more of a definite maybe that this resolves the issue?

Supermule

Not yet.

@tim.mcmanus:

So you haven't tested it?  It's more of a definite maybe that this resolves the issue?

firewalluser

@Supermule:

https://lists.freebsd.org/pipermail/freebsd-announce/2015-July/001655.html

Latest update.

I suppose another question to ask, is how did we miss this on our own machines, and what can we do to avoid such problems from occurring again?

Harvy66

Supermule didn't miss it. Well, possibly. If it turns out to be the same issue.

firewalluser

Spotted the behavior but nothing outputted from pfsense to observe though.

tim.mcmanus

@firewalluser:

Spotted the behavior but nothing outputted from pfsense to observe though.

Because it's not a pfSense issue.  This is an FreeBSD network driver issue.