Date: Tue, 14 Nov 2006 17:09:20 +0100 From: Max Laier <max@love2party.net> To: freebsd-hackers@freebsd.org Cc: freebsd-net@freebsd.org Subject: ipv6 connection hash function wanted ... Message-ID: <200611141709.26644.max@love2party.net>
index | next in thread | raw e-mail
[-- Attachment #1 --] Hello, this one is something for people who know their math. Input: 2x128bit of address (lower ~80bit selectable by user) and 2x16bit of ports (more or less selectable by user). Note that the "flow_id" is not useable as several broken stack implementations do not set it consistently - and it is user settable as well. Output: "int" hash value - by default we use the lower 8bit of it. Problems: Most of the input can be selected by a user meaning it is easy to produce collisions. For legal connections, the lower 64bit are the one with the highest entropy - in fact the upper 64bit might be the same for many connections coming from/going to the same subnet. This function will be used for every packet that is passed to a dynamic IPFW rule, so efficiency is a concern. Any ideas? Any papers that deal with this problem? ref: sys/netinet/ip_fw2.c::hash_packet6 -- /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (FreeBSD) iD8DBQBFWeo2XyyEoT62BG0RAv5YAJ99W3lFucWxtqwM2DffEMRd9B3DIgCdG5Nh 0cHxQBrsibVS6R+saGqA0mY= =l4Hy -----END PGP SIGNATURE-----help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200611141709.26644.max>