From: Doug Hardie
Date: Fri, 10 Jul 2020 03:29:29 -0700
Subject: Re: making SCTP loadable and removing it from GENERIC
To: Michael Tuexen
Cc: Eugene Grosbein, Mark Johnston, freebsd-net@freebsd.org


> On 10 July 2020, at 02:39, Michael Tuexen wrote:
>
> Hi Eugene,
>
> you are completely right. However, it requires that the program needs to run
> with root privileges just to be able to communicate.
> In the context of userland stack, this is one of the most important issues.
> In case of SCTP, this is needed to open a raw socket to send/recv SCTP packets.
> This is one of the reasons why you use UDP encapsulation...

I see RFC 6951 on UDP encapsulation and understand there are situations where that would be needed. However, my replication processes do run as root. Just for fun, I started them as non-root and SCTP worked just fine. I didn't see any raw sockets in a ktrace of the processes.

76330 replicate CALL socket(PF_INET6,0x5,IPPROTO_SCTP)
76330 replicate RET socket 5

--
Doug
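
Added example, not part of the original message: a small Python check that reads kdump output like the trace above, decodes the socket() type argument (0x5 is SOCK_SEQPACKET in FreeBSD's sys/socket.h) and marks raw sockets. The first two sample lines are the trace from the message; the other two, including the "userstack" process name, are constructed for illustration.

```python
import re

# Socket types and creation flags from FreeBSD <sys/socket.h>.
SOCK_TYPES = {1: "SOCK_STREAM", 2: "SOCK_DGRAM", 3: "SOCK_RAW",
              4: "SOCK_RDM", 5: "SOCK_SEQPACKET"}
SOCK_FLAGS = {0x10000000: "SOCK_CLOEXEC", 0x20000000: "SOCK_NONBLOCK"}
TYPE_BY_NAME = {name: num for num, name in SOCK_TYPES.items()}

CALL_RE = re.compile(r"^\s*(?P<pid>\d+)\s+(?P<cmd>\S+)\s+CALL\s+"
                     r"socket\((?P<dom>[^,]+),(?P<type>[^,]+),(?P<proto>[^)]+)\)")

# First two lines: trace from the message. Last two: constructed samples.
SAMPLE = [
    "76330 replicate CALL socket(PF_INET6,0x5,IPPROTO_SCTP)",
    "76330 replicate RET socket 5",
    "76401 userstack CALL socket(PF_INET,0x3,IPPROTO_SCTP)",
    "76402 replicate CALL socket(PF_INET,SOCK_STREAM|SOCK_CLOEXEC,IPPROTO_TCP)",
]

def decode_type(field):
    """Decode a numeric or symbolic type argument into (type, [flags])."""
    base, flags = 0, []
    for part in (p.strip() for p in field.split("|")):
        if part in TYPE_BY_NAME:
            base = TYPE_BY_NAME[part]
        elif part in SOCK_FLAGS.values():
            flags.append(part)
        else:
            try:
                value = int(part, 0)
            except ValueError:
                continue  # unrecognised token: the type stays unknown
            flags += [name for bit, name in SOCK_FLAGS.items() if value & bit]
            base = value & 0xFF
    return SOCK_TYPES.get(base, "unknown(%d)" % base), flags

def audit(lines):
    """Return one record per socket() CALL line, marking raw sockets."""
    findings = []
    for line in lines:
        m = CALL_RE.match(line)
        if m:
            sock_type, flags = decode_type(m["type"])
            findings.append({"pid": int(m["pid"]), "cmd": m["cmd"],
                             "domain": m["dom"].strip(), "type": sock_type,
                             "flags": flags, "proto": m["proto"].strip(),
                             "raw": sock_type == "SOCK_RAW"})
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```
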