Date: Wed, 15 Nov 2006 15:21:53 +0100 From: Joerg Sonnenberger <joerg@britannica.bec.de> To: freebsd-hackers@freebsd.org Subject: Re: ipv6 connection hash function wanted ... Message-ID: <20061115142153.GB7039@britannica.bec.de> In-Reply-To: <200611151353.17417.max@love2party.net> References: <200611151126.kAFBQSQr090632@lurza.secnetix.de> <200611151353.17417.max@love2party.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Nov 15, 2006 at 01:53:12PM +0100, Max Laier wrote: > AFAICT, the attached has this property, but I have no idea if it adds > sufficient entropy to the result - it looks like it, though. You should do at least some bit shifting on the arguments as typical ipv6 addresses are by default MAC based and larger shipments of the same hardware often have similiar enough MACs to create collisions. I think what Olliver meant was more to use an input of 128bit for crc32, after xoring src, dst and secret. Joerg
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20061115142153.GB7039>