tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Use lltable/llentry for NDP



On Sat, Nov 21, 2015 at 12:49 AM, Christos Zoulas <christos%astron.com@localhost> wrote:
> In article <CAKrYomi-jsmwztRhR7ZR2Mf8vRGy3_nZVSFVhVip4ZtnVOPP=g%mail.gmail.com@localhost>,
> Ryota Ozaki  <ozaki-r%netbsd.org@localhost> wrote:
>>Hi,
>>
>>As I promised somewhere, I'm trying to use
>>lltable/llentry, which were introduced for ARP
>>while ago, for NDP as well.
>>
>>Here is a patch:
>>http://www.netbsd.org/~ozaki-r/lltable-ndp.diff
>>
>>
>>Unlike ARP case, the old data structure (llinfo_nd6)
>>is similar to new one (llentry) and there isn't
>>so much radical changes (compared to ARP case).
>>
>>One noticeable change is for neighbor cache GC
>>mechanism that was introduced to prevent IPv6 DoS
>>attacks. net.inet6.ip6.neighborgcthresh was the max
>>number of caches that we store in the system. After
>>introducing lltable/llentry, the value is changed
>>to be per-interface basis because lltable/llentry
>>stores neighbor caches in each interface separately.
>>And the change brings one degradation; the old GC
>>mechanism dropped exceeded packets based on LRU
>>while the new implementation drops packets in order
>>from the beginning of lltable (a hash table + linked
>>lists). It would be improved in the future.
>>
>>Any comments and suggestions are appreciated.
>
> +#ifdef __FreeBSD__
> +       IN6_IFADDR_RLOCK();
> +       LIST_FOREACH(ia, IN6ADDR_HASH(addr), ia6_hash) {
> +#endif
> +       for (ia = in6_ifaddr; ia; ia = ia->ia_next) {
>
> That should be:
> #ifdef __FreeBSD__
>         IN6_IFADDR_RLOCK();
>         LIST_FOREACH(ia, IN6ADDR_HASH(addr), ia6_hash)
> #else
>         for (ia = in6_ifaddr; ia; ia = ia->ia_next)
> #endif
>         {
>
> return (foo) -> return foo

Thanks. Fixed.

  ozaki-r


Home | Main Index | Thread Index | Old Index