Re: Regarding offloading IPv6 addrconf and ndisc

Regarding offloading IPv6 addrconf and ndisc · Hugo Santos <hidden> · 2006-07-27
Re: Regarding offloading IPv6 addrconf and ndisc · Kazunori Miyazawa <hidden> · 2006-07-27
Re: Regarding offloading IPv6 addrconf and ndisc · Hugo Santos <hidden> · 2006-07-27
Re: Regarding offloading IPv6 addrconf and ndisc · Herbert Xu <herbert@gondor.apana.org.au> · 2006-07-27
Re: Regarding offloading IPv6 addrconf and ndisc · David Miller <davem@davemloft.net> · 2006-07-28
Re: Regarding offloading IPv6 addrconf and ndisc · Hugo Santos <hidden> · 2006-07-28
Re: Regarding offloading IPv6 addrconf and ndisc · David Miller <davem@davemloft.net> · 2006-07-28
Re: Regarding offloading IPv6 addrconf and ndisc · Hugo Santos <hidden> · 2006-07-28
Re: Regarding offloading IPv6 addrconf and ndisc · David Miller <davem@davemloft.net> · 2006-07-28
Re: Regarding offloading IPv6 addrconf and ndisc · Hugo Santos <hidden> · 2006-07-28
Re: Regarding offloading IPv6 addrconf and ndisc · Stephen Hemminger <hidden> · 2006-07-28
Re: Regarding offloading IPv6 addrconf and ndisc · Hugo Santos <hidden> · 2006-07-28
Re: Regarding offloading IPv6 addrconf and ndisc · Jamal Hadi Salim <hidden> · 2006-07-28
Re: Regarding offloading IPv6 addrconf and ndisc · Hugo Santos <hidden> · 2006-07-29
Re: Regarding offloading IPv6 addrconf and ndisc · Kazunori Miyazawa <hidden> · 2006-07-30
Re: Regarding offloading IPv6 addrconf and ndisc · Hugo Santos <hidden> · 2006-07-30
Re: Regarding offloading IPv6 addrconf and ndisc · David Miller <davem@davemloft.net> · 2006-07-31
Re: Regarding offloading IPv6 addrconf and ndisc · Hugo Santos <hidden> · 2006-08-01
Re: Regarding offloading IPv6 addrconf and ndisc · David Miller <davem@davemloft.net> · 2006-08-01
Re: Regarding offloading IPv6 addrconf and ndisc · Kazunori Miyazawa <hidden> · 2006-08-01
Re: Regarding offloading IPv6 addrconf and ndisc · Herbert Xu <herbert@gondor.apana.org.au> · 2006-07-28
Re: Regarding offloading IPv6 addrconf and ndisc · David Miller <davem@davemloft.net> · 2006-07-28
Re: Regarding offloading IPv6 addrconf and ndisc · Andi Kleen <hidden> · 2006-08-01
Re: Regarding offloading IPv6 addrconf and ndisc · David Miller <davem@davemloft.net> · 2006-08-01
Re: Regarding offloading IPv6 addrconf and ndisc · Roland Dreier <hidden> · 2006-08-01
Re: Regarding offloading IPv6 addrconf and ndisc · Jamal Hadi Salim <hidden> · 2006-08-01
Re: Regarding offloading IPv6 addrconf and ndisc · Herbert Xu <herbert@gondor.apana.org.au> · 2006-08-01
Re: Regarding offloading IPv6 addrconf and ndisc · Jamal Hadi Salim <hidden> · 2006-08-01
Re: Regarding offloading IPv6 addrconf and ndisc · Hugo Santos <hidden> · 2006-08-01
Re: Regarding offloading IPv6 addrconf and ndisc · Hugo Santos <hidden> · 2006-08-01
Re: Regarding offloading IPv6 addrconf and ndisc · David Miller <davem@davemloft.net> · 2006-08-01
Re: Regarding offloading IPv6 addrconf and ndisc · Ingo Oeser <hidden> · 2006-08-03

From: Jamal Hadi Salim <hidden>
Date: 2006-08-01 01:24:35

On Mon, 2006-31-07 at 17:49 -0700, Roland Dreier wrote:

    David> Why is this a relevant analogy?  Well, you have physical
    David> hard-disks in your computer today, but at some point that
    David> device becomes largely superfluous.  It makes more sense to
    David> have just a cpu with a 10-gigabit ethernet interface
    David> incorporated onto the cpu die, and the majority if not all
    David> of your disk access is remote.

Isn't most of the iSCSI control plane in userspace right now?

I know iscsi is supposed to integrate with ipsec as well (and SLP for
discovery) - does that happen in user space as well?

Dave (I am under heavy flu dose, so I may be incoherent;->) but heres a
devils advocate bit for you:
TCP FIN/SYN are just control packets - so move the connection
setup/teardown out to user space;->. You can then add all sorts of funky
DOS detection/prevention schemes as needed - makes it easy to experiment with. 
Actually move the slow path as well, SACK processing etc (i know it is in process
context today, but thats in the kernel). Just leave VJs fast path in the
kernel. Extend the user space bit to be the new VJ (channels stuff but
just for control) - asynch notification to carry the control/slow path
packets to user space.

In regards to ARP/NDISC being in user space: note people are talking
about secure DHCP or some form of initial pre-layer2 addressing over EAP
or something along those lines; i.e if you are not securely validated at
the L2 level you are not even getting an IP address. 
 
In regards to reliability: The thing that really fscks people using
daemons from what i have seen is the oom killer policies and the lack of
correlation by apps. I just watched quagga die horribly on a 256M
machine on friday once we hit around 100K routes and a lot of route
cache hits. So apps like that may need a total rewrite. I am not looking
forward to trying to get racoon to do 50K SAs and 100K SPDs on the same
machine ;->

I think I like what Hugo is saying ;-> I just hope he has time and
resources to produce code. 

cheers,
jamal

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help