From nobody Wed Jun 26 08:11:07 2024 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4W8DtB2xJQz5PJqp for ; Wed, 26 Jun 2024 08:11:14 +0000 (UTC) (envelope-from zlei@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4W8DtB2N2xz4CYZ; Wed, 26 Jun 2024 08:11:14 +0000 (UTC) (envelope-from zlei@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1719389474; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=+XVu4s9msjDdWsdDf2dD+RXBd2hcIkw5ObGRVJ5btok=; b=JffPOUs9oINFy65yWhJgIygCPXgxLibtoNFjQdtkJI3qxiyLQ0xEi+45e3TiOk4MI9IMHr DjGonDVDR6rwLGRywX/U/2J+bNTU5ye5U+yzKrFfJQlWBqxag8vkQFxSviFPCvRGsY+sMd ZNuPvI2I/nWFyRlJMNvEypJlmDZpgBbUu4ngmF+CYBlOckbloRhBVR9Hf5iCeSf5Yd2EcH mRm1x8bbHHZwS+ZldxuHlAMI5r0L7RBjXRMHQmN1QCu0waIsxEACjNhzDzsI75qzU//FTP TXjUidG9mUSvfJxSemFMv6E1dJ9D2JcRO+JmuteE9zIxEOFKe+JM/57GTLMttw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1719389474; a=rsa-sha256; cv=none; b=L0WWDvbzsjGb9TI1O5XK5wFQJbYPi1z9qZhwdVgGfaA2r3TSP+2BT9eTF/sEwgGSlj1hgZ mo4gMN8YxOetRjg29GCd+Hqv+FR4zPqP7Al60Txb32H0PtX0ZGGjmiARhJq1Sj86s5vFdU dahar/T/RwKOwzrLDhMtBdvoZBs52loxXF1VZ3ng7lGWLiAbGdr91pEqZD786E8hW8+8p7 UU1sQFA+6BxCKbeEKgP59oABukfQqXgQMp+/zUYKATjn0XqAr23/J46MXBFLbiXBJGOzH8 B3x0zDIg/x71DCoCRAZHcKO0rP/CSqBUzJwLJS4mcZXW7BW1tt2yRk2VQMrb5Q== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1719389474; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=+XVu4s9msjDdWsdDf2dD+RXBd2hcIkw5ObGRVJ5btok=; b=P5rZ+wHOXTGl8uU5enxY9Bj0u+/M2KVM/+pGX+dUaqhJUAJMOZhAUYgLgQRtOUfWw9NLdP u3aW6HXropXpjd4XQlrZdl9l+Vw2ym8bk/QWKTSiAUdTR+XNFIJCgdwPgN4WYCx6rjT50i qd6eV4xE9EkfG/XZkqRhoMRhMzh3Z30bFGJuvP60Y+EDW0K+E94+ZTsH/ebdq2MZXGMT69 6dzHibZc9jTIqDKuIHpl/S+SbJxr3+FKte6QdkQbHzJrmIzPa01rsb/AkJ80lN+dtebTW7 AZ//D5LhFMymshwBQCbTGxHWdT7jrn9toHfw8xLBoigp4rBAi2zAvTcrBgbKrg== Received: from smtpclient.apple (ns1.oxydns.net [45.32.91.63]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) (Authenticated sender: zlei/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 4W8Dt90Nksz11c2; Wed, 26 Jun 2024 08:11:12 +0000 (UTC) (envelope-from zlei@FreeBSD.org) From: Zhenlei Huang Message-Id: Content-Type: multipart/alternative; boundary="Apple-Mail=_47E0CD15-68F3-4A1B-824A-6D238A86843C" List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@FreeBSD.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.8\)) Subject: Re: ICMP6 Date: Wed, 26 Jun 2024 16:11:07 +0800 In-Reply-To: <1e78e57a-1748-4fec-8071-db7a1b0ec7e8@plan-b.pwste.edu.pl> Cc: Gleb Smirnoff , Ed Maste , FreeBSD Net To: Marek Zarychta References: <972cd3b3-e64a-46e6-a8ea-1bdd6ab7033e@plan-b.pwste.edu.pl> <523F3ED6-3E44-4ADA-9534-64735BC60804@FreeBSD.org> <1e78e57a-1748-4fec-8071-db7a1b0ec7e8@plan-b.pwste.edu.pl> X-Mailer: Apple Mail (2.3696.120.41.1.8) --Apple-Mail=_47E0CD15-68F3-4A1B-824A-6D238A86843C Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii > On Jun 26, 2024, at 2:24 PM, Marek Zarychta = wrote: >=20 > W dniu 26.06.2024 o 06:55, Zhenlei Huang pisze: >>=20 >> The MFC is Done ! >>=20 >> Marek has extensive testing with them. I did stress testing on my dev = machine. No known issues so far. > Thank you very much for the MFC of the commits set I suggested. I have = been testing these changes for several weeks on 10+ various hosts, = including servers and routers, and I only see positive changes. I hope = that no important commit was omitted in selecting the set for this MFC = and there will be no complaints.=20 >=20 > The only thing I would suggest is to change in future the default = value of net.inet6.icmp6.errppslimit to 200. It will be the same value = as defaults for net.inet.icmp.icmplim. In my case it was required to = silence spurious warnings on two web servers and BGP router.=20 >=20 The value 100 of tunable `net.inet6.icmp6.errppslimit` dates back to = 2000, the first time it was introduced [1]. I do not find any RFCs that has recommendation value for it. RFC 4443 = section 2.4 (f) [2] has an example default of 10 that is much smaller ( for small/mid-size devices ). I expect the default value of net.inet6.icmp6.errppslimit will stay 100 = for much longer time ;) 1. = https://cgit.freebsd.org/src/commit/sys/netinet6/in6_proto.c?h=3Dstable/7&= id=3D686cdd19b1b182f2257bc158116e78c5fef84980=20 2. https://www.rfc-editor.org/rfc/rfc4443.html#section-2.4 Best regards, Zhenlei > With best regards, >=20 > --=20 > Marek Zarychta --Apple-Mail=_47E0CD15-68F3-4A1B-824A-6D238A86843C Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=us-ascii

On Jun 26, 2024, at 2:24 PM, Marek Zarychta <zarychtam@plan-b.pwste.edu.pl> wrote:

=20 =20
W dniu 26.06.2024 o 06:55, = Zhenlei Huang pisze:
The MFC is Done !

Marek has extensive testing with them. I did stress testing on my dev =
machine. No known issues so far.

Thank you very much = for the MFC of the commits set I suggested. I have been testing these changes for several weeks on = 10+ various hosts, = including servers and routers, = and I only see positive changes. I = hope that no important commit was omitted in selecting the set for this MFC and there will be no complaints.

The= only thing I would suggest is to change in future the default value of net.inet6.icmp6.errppslimit to 200. It will be the same value as defaults for net.inet.icmp.icmplim. In my case it was required to silence spurious warnings on two web servers and BGP router.

The = value 100 of tunable `net.inet6.icmp6.errppslimit` dates back to 2000, = the first time it was introduced [1].

I do not find any RFCs that has recommendation = value for it. RFC 4443 section 2.4 (f) [2] has an example default of 10 = that
is much smaller ( for small/mid-size devices = ).

I expect the default value = of net.inet6.icmp6.errppslimit will stay 100 for much longer = time  ;)


=
2. https://www.rfc-editor.org/rfc/rfc4443.html#section-2.4

Best regards,
Zhenlei

With best regards,

--=20
Marek Zarychta



= --Apple-Mail=_47E0CD15-68F3-4A1B-824A-6D238A86843C--