19 Nov
2015
19 Nov
'15
7:54 a.m.
On Wed, Nov 18, 2015 at 06:05:31PM +0000, Stefan Jakob wrote:
Note that the incoming (listening) TCP socket (AFAIK) has to be configured with all the keys, so it is possible to hit the limit during regular operation without any leaks.
Do I get it right?:
Without adjusting the optmem_max value you won't be able to attach more than a 150 keys to a listening socket?
Would this basically cause trouble when you want to run f.e. a bgp routeserver with more than 150 peers protecting there sessiibs via a unique key?
AFAIK yes. -- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."