From owner-cvs-src@FreeBSD.ORG Mon May 15 23:05:26 2006 Return-Path: X-Original-To: cvs-src@freebsd.org Delivered-To: cvs-src@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 705D716AEB4 for ; Mon, 15 May 2006 23:05:26 +0000 (UTC) (envelope-from max@love2party.net) Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.187]) by mx1.FreeBSD.org (Postfix) with ESMTP id 87CB843D60 for ; Mon, 15 May 2006 23:05:02 +0000 (GMT) (envelope-from max@love2party.net) Received: from [88.64.183.228] (helo=vampire.homelinux.org) by mrelayeu.kundenserver.de (node=mrelayeu6) with ESMTP (Nemesis), id 0ML29c-1Ffm7Z1eRh-0000k5; Tue, 16 May 2006 01:05:01 +0200 Received: (qmail 80728 invoked from network); 15 May 2006 23:05:27 -0000 Received: from localhost (HELO mail.abi01.homeunix.org) (192.168.4.64) by localhost with SMTP; 15 May 2006 23:05:27 -0000 Received: from 192.168.4.1 (SquirrelMail authenticated user mlaier) by mail.abi01.homeunix.org with HTTP; Tue, 16 May 2006 01:05:00 +0200 (CEST) Message-ID: <52078.192.168.4.1.1147734300.squirrel@mail.abi01.homeunix.org> In-Reply-To: <20060515065214.GA63472@walton.maths.tcd.ie> References: <200605142342.k4ENgOli009466@repoman.freebsd.org> <20060515065214.GA63472@walton.maths.tcd.ie> Date: Tue, 16 May 2006 01:05:00 +0200 (CEST) From: "Max Laier" To: "David Malone" User-Agent: SquirrelMail/1.4.6 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-Provags-ID: kundenserver.de abuse@kundenserver.de login:61c499deaeeba3ba5be80f48ecc83056 Cc: cvs-src@freebsd.org, Max Laier , src-committers@freebsd.org, cvs-all@freebsd.org Subject: Re: cvs commit: src/sys/netinet ip_fw2.c X-BeenThere: cvs-src@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 May 2006 23:05:28 -0000 On Mon, May 15, 2006 8:52 am, David Malone wrote: > On Sun, May 14, 2006 at 11:42:24PM +0000, Max Laier wrote: >> Use only lower 64bit of src/dest (and src/dest port) for hashing of >> IPv6 >> connections and get rid of the flow_id as it is not guaranteed to be >> stable >> some (most?) current implementations seem to just zero it out. > > I had a look at how constant the IPv6 Flow ID is with Orla McGann about > a year ago: > > http://www.maths.tcd.ie/~dwmalone/p/ec2nd05.pdf > > We used to screw up the setting of it on SYN|ACK packets, but we > should do it right now. I think NetBSD had a very similar looking > bug. When I last checked OpenBSD just set it to zero. I think Solaris > DTRT. Interesting - thanks for the pointer. Unless every stack DTRT we can't use the flow_id, though - or we break otherwise legal connections. In the given case we would open a state with SYN+flow_id and got a reply SYNACK+0 which wouldn't hash the same as the SYN we sent out. No matching state, no connection. -- /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News