From owner-freebsd-questions@FreeBSD.ORG  Wed Nov 17 10:33:05 2004
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 5DB7916A4CE
	for <freebsd-questions@freebsd.org>;
	Wed, 17 Nov 2004 10:33:05 +0000 (GMT)
Received: from fledge.watson.org (fledge.watson.org [204.156.12.50])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 08B9B43D3F
	for <freebsd-questions@freebsd.org>;
	Wed, 17 Nov 2004 10:33:05 +0000 (GMT)
	(envelope-from robert@fledge.watson.org)
Received: from fledge.watson.org (localhost [127.0.0.1])
	by fledge.watson.org (8.13.1/8.13.1) with ESMTP id iAHAVaZa070975;
	Wed, 17 Nov 2004 05:31:36 -0500 (EST)
	(envelope-from robert@fledge.watson.org)
Received: from localhost (robert@localhost)iAHAVaOK070972;
	Wed, 17 Nov 2004 10:31:36 GMT
	(envelope-from robert@fledge.watson.org)
Date: Wed, 17 Nov 2004 10:31:36 +0000 (GMT)
From: Robert Watson <rwatson@freebsd.org>
X-Sender: robert@fledge.watson.org
To: Kris Kennaway <kris@obsecurity.org>
In-Reply-To: <20041116031937.GA32097@xor.obsecurity.org>
Message-ID: <Pine.NEB.3.96L.1041117102953.59721D-100000@fledge.watson.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
cc: Giuliano Cardozo Medalha <giulianocm@uol.com.br>
cc: freebsd-questions@freebsd.org
Subject: Re: MPSAFE - Warning
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Nov 2004 10:33:05 -0000

On Mon, 15 Nov 2004, Kris Kennaway wrote:

> > I got some messages for my customized kernel, using IPsec and IPv6:
> > 
> > WARNING: MPSAFE network stack disabled, expect reduced performance.
> > 
> > My kernel have the following option:
> > 
> > options         NET_WITH_GIANT
> > 
> > How is possible to correct this warning 
> 
> Wait for a later release, or disable IPv6 :-) 
> 
> IPv6 is not yet MP-safe. 

FWIW, the IPv6 code is probably about 80%+ safe -- certainly most of the
common code paths, so in practice you can run without Giant and use IPv6
without too much problem (the routing, UDP and TCP code is all safe, and
that's most of where IPv6 munges data structures).  The real problem is
KAME IPSEC, right now.  I know that George Neville-Neil has been working
on this, but I'm not sure he has specific plans for when it will be done.
My hope is that in 5.4, the KAME IPSEC code will be locked down.  Now that
the KAME developers have switched to 5.3 as their baseline, they will also
be getting that message every boot, which might improve motivation to fix
it :-).

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert@fledge.watson.org      Principal Research Scientist, McAfee Research