Subject: CVS commit: src/sys
To: None <source-changes@NetBSD.org>
From: Jonathan Stone <jonathan@netbsd.org>
List: source-changes
Date: 11/17/2003 21:34:28
Module Name: src
Committed By: jonathan
Date: Mon Nov 17 21:34:27 UTC 2003
Modified Files:
src/sys/netinet: files.netinet ip_mroute.c ip_output.c ip_var.h raw_ip.c
src/sys/netinet6: ipsec.c
src/sys/netipsec: xform_ipip.c
Log Message:
Revert the (default) ip_id algorithm to the pre-randomid algorithm,
due to demonstrated low-period repeated IDs from the randomized IP_id
code. Consensus is that the low-period repetition (much less than
2^15) is not suitable for general-purpose use.

Allocators of new IPv4 IDs should now call the function ip_newid().

Randomized IP_ids are now a config-time option, "options RANDOM_IP_ID".
ip_newid() can use ip_randomid() if and only if configured
with RANDOM_IP_ID. A sysctl knob should be provided.

This API may be reworked in the near future to support linear ip_id
counters per (src,dst) IP-address pair.
To generate a diff of this commit:
cvs rdiff -r1.2 -r1.3 src/sys/netinet/files.netinet
cvs rdiff -r1.80 -r1.81 src/sys/netinet/ip_mroute.c
cvs rdiff -r1.126 -r1.127 src/sys/netinet/ip_output.c
cvs rdiff -r1.59 -r1.60 src/sys/netinet/ip_var.h
cvs rdiff -r1.76 -r1.77 src/sys/netinet/raw_ip.c
cvs rdiff -r1.87 -r1.88 src/sys/netinet6/ipsec.c
cvs rdiff -r1.6 -r1.7 src/sys/netipsec/xform_ipip.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
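
Added example (not part of the commit and not NetBSD code): a small C harness that measures the property the log message is concerned with, the fewest allocations between two uses of the same 16-bit ID. The names linear_id, naive_random_id and min_reuse_distance are hypothetical, and the randomized generator is a stand-in (xorshift32), not the kernel's randomized ip_id code.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

typedef uint16_t (*idgen_fn)(uint32_t *state);

/* Pre-randomid style allocator: a plain incrementing 16-bit counter. */
static uint16_t linear_id(uint32_t *state) { return (uint16_t)(*state)++; }

/* Stand-in randomized allocator (xorshift32, low 16 bits). Hypothetical:
 * this is NOT the kernel's randomized ip_id algorithm. */
static uint16_t naive_random_id(uint32_t *state)
{
    uint32_t x = *state;
    x ^= x << 13; x ^= x >> 17; x ^= x << 5;
    *state = x;
    return (uint16_t)x;
}

/* Draw n IDs; return the fewest draws between two uses of one ID,
 * or 0 if no ID repeated within n draws. */
static uint32_t min_reuse_distance(idgen_fn gen, uint32_t seed, uint32_t n)
{
    static uint32_t last_seen[65536];   /* draw index + 1; 0 = never seen */
    uint32_t state = seed, best = 0;

    for (size_t i = 0; i < 65536; i++) last_seen[i] = 0;
    for (uint32_t i = 1; i <= n; i++) {
        uint16_t id = gen(&state);
        if (last_seen[id] != 0) {
            uint32_t gap = i - last_seen[id];
            if (best == 0 || gap < best) best = gap;
        }
        last_seen[id] = i;   /* remember the most recent use of this ID */
    }
    return best;
}

int main(void)
{
    /* Constructed inputs: fixed seeds, 200000 allocations each. */
    printf("linear: %u\n", min_reuse_distance(linear_id, 0, 200000));
    printf("random: %u\n",
           min_reuse_distance(naive_random_id, 2463534242u, 200000));
    return 0;
}
```

The same harness can be pointed at any 16-bit allocator by passing a different idgen_fn; a short reuse distance matters because the IPv4 ID is what a receiver uses to group fragments of one datagram.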