Avatar of netpass

asked on 

How to limit number of routes per ip

I have a Linux firewall box, sometimes found many "dst cache overflow". There are some ways to overcome this, e.g. increase /proc/sys/net/ipv4/route/max_size or set secret_interval to a lower value. However, these do not solve the root cause of the problem. I found the root cause is some users connect to many many destinations in a short period (may be BT, virus, etc.). I can list the routes by "route -Cn".

I want to know is there any means to limit number of routes per IP? Solutions, comments, ideas, directions are welcome.
Linux OS DevLinux NetworkingServer Hardware

Avatar of undefined
Last Comment

8/22/2022 - Mon