From owner-freebsd-net@FreeBSD.ORG Tue Nov 14 18:52:23 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A9D2716A6A1 for ; Tue, 14 Nov 2006 18:52:23 +0000 (UTC) (envelope-from granica_raydom@rambler.ru) Received: from mxb.rambler.ru (mxb.rambler.ru [81.19.66.30]) by mx1.FreeBSD.org (Postfix) with ESMTP id 748AF43D49 for ; Tue, 14 Nov 2006 18:52:20 +0000 (GMT) (envelope-from granica_raydom@rambler.ru) Received: from rambler.ru (mail11.rambler.ru [81.19.71.13]) by mxb.rambler.ru (Postfix) with ESMTP id 5BA1F54F6A; Tue, 14 Nov 2006 21:52:19 +0300 (MSK) Received: from [85.141.114.63] (account granica_raydom@rambler.ru) by mail11.rambler.ru (CommuniGate Pro WebUser 4.2.10) with HTTP id 82525083; Tue, 14 Nov 2006 21:52:19 +0300 From: Andrew To: Max Laier X-Mailer: CommuniGate Pro WebUser Interface v.4.2.10 Date: Tue, 14 Nov 2006 21:52:19 +0300 Message-ID: In-Reply-To: <200611141709.26644.max@love2party.net> References: <200611141709.26644.max@love2party.net> MIME-Version: 1.0 Content-Type: text/plain; charset="windows-1251"; format="flowed" Content-Transfer-Encoding: 8bit Cc: freebsd-net@freebsd.org Subject: Re: ipv6 connection hash function wanted ... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Nov 2006 18:52:23 -0000 On Tue, 14 Nov 2006 17:09:20 +0100 Max Laier wrote: > Hello, > > this one is something for people who know their math. > > Input: 2x128bit of address (lower ~80bit selectable by user) and >2x16bit > of ports (more or less selectable by user). Note that the "flow_id" >is > not useable as several broken stack implementations do not set it > consistently - and it is user settable as well. > Output: "int" hash value - by default we use the lower 8bit of it. > > Problems: Most of the input can be selected by a user meaning it is >easy > to produce collisions. For legal connections, the lower 64bit are >the > one with the highest entropy - in fact the upper 64bit might be the >same > for many connections coming from/going to the same subnet. This >function > will be used for every packet that is passed to a dynamic IPFW rule, >so > efficiency is a concern. > > Any ideas? Any papers that deal with this problem? > > ref: sys/netinet/ip_fw2.c::hash_packet6 > May be the Rsync algorithm is suitable partially.. Here is the discription: http://samba.anu.edu.au/rsync/tech_report/ Andrew.