Date: Mon, 03 Sep 2001 23:48:02 -0700 From: Terry Lambert <tlambert2@mindspring.com> To: "Vladimir A. Jakovenko" <vovik@lucky.net> Cc: freebsd-net@freebsd.org, freebsd-hackers@freebsd.org Subject: Re: SO_REUSEPORT on unicast UDP sockets Message-ID: <3B947922.F8B98DBD@mindspring.com> References: <20010902054617.A47742@lucky.net>
next in thread | previous in thread | raw e-mail | index | archive | help
"Vladimir A. Jakovenko" wrote: > > Hello! > > According to UNPv1 SO_REUSEPORT on UDP sockets can be used to bind more than > one socket to the same port (even with same source ip address). But quick > look on /sys/netinet/udp_usrreq.c function udp_input() shows that this will > work as expected (data stream duplicate) only on multicast/broadcast local > addresses. Please pay attention to the following code fragment comments: [ ... ] > Is there still any real need in such backward compatibility? Can such > functionality be added (fixed) with possibility to switch it off using > sysctl or kernel-build option? > > I find such possibility realy useful at least for NetFlow data > processing and believe that it would be useful for many UDP-based > protocols. Bound UDP sockets have always been problematic; there's a lot of code out there that depnds on the historical behaviour for unicast, unfortunately, including a number of commercial applications that run on FreeBSD (e.g. Real Server). If you look at that code for any length of time, you will get to see it as an armpit: it's not a good place to stick your nose, and it tends to smell to high heaven. At my current job, I'm up to my elbows in it... Similarly, there are a number of bugs in the TCP sockets as well; specifically, there's a problem with all sockets being treated as being in the same collision domain, when doing automatic port assignment. This limits you to 65535 oubound TCP connections, even though you have multiple IP aliases on an interface (theoretically, you should get 64k connections per IP address, if you bind _not_ to IN_ADDR_ANY, but instead use a specific port, but the hash is broken). There's also another problem with the cloned route, in the case you get a redirect, since the clone is not properly updated (e.g. do a ping, get a redirect, and notice that you keep getting the redirect until you stop and restart the ping, after which you get the correct route record: there was a recent thread on this in -current, where someone ICMP'ed themselves to death using multiple Gigabit interfaces as unbonded non-VLAN equivalence routes). -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3B947922.F8B98DBD>