tech-net archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: 16 year old bug
On Mon Aug 23 2010 at 13:53:40 +0200, Christoph Egger wrote:
>
> ... has been found by OpenBSD:
>
> Their commit message:
> --------------------------------------------
> Fix a 16 year old bug in the sorting routine for non-contiguous netmasks.
> For masks of identical length rn_lexobetter() did not stop on the
> first non-equal byte. This leads rn_addroute() to not detecting
> duplicate entries and thus we might create a very long list of masks
> to check for each node.
> This can have a huge impact on IPsec performance, where non-contiguous
> masks are used for the flow lookup. In a setup with 1300 flows we
> saw 400 duplicate masks and only a third of the expected throughput.
> --------------------------------------------
>
> The patch is attached. Any comments?
The test for this is missing.
Home |
Main Index |
Thread Index |
Old Index