RE: [PATCH ipsec-next 2/2] xfrm: configure policy hash table thresholds by /proc

[PATCH ipsec-next 0/2] xfrm: scalability enhancements for policy database · Christophe Gouault <hidden> · 2014-05-12
[PATCH ipsec-next 1/2] xfrm: hash prefixed policies based on preflen thresholds · Christophe Gouault <hidden> · 2014-05-12
[PATCH ipsec-next 2/2] xfrm: configure policy hash table thresholds by /proc · Christophe Gouault <hidden> · 2014-05-12
Re: [PATCH ipsec-next 2/2] xfrm: configure policy hash table thresholds by /proc · Steffen Klassert <steffen.klassert@secunet.com> · 2014-05-15
Re: [PATCH ipsec-next 2/2] xfrm: configure policy hash table thresholds by /proc · Christophe Gouault <hidden> · 2014-05-19
Re: [PATCH ipsec-next 2/2] xfrm: configure policy hash table thresholds by /proc · Steffen Klassert <steffen.klassert@secunet.com> · 2014-05-22
RE: [PATCH ipsec-next 2/2] xfrm: configure policy hash table thresholds by /proc · David Laight <hidden> · 2014-05-22
Re: [PATCH ipsec-next 2/2] xfrm: configure policy hash table thresholds by /proc · Christophe Gouault <hidden> · 2014-05-23
[PATCH net-next v2 0/2] xfrm: scalability enhancements for policy database · Christophe Gouault <hidden> · 2014-08-01
[PATCH net-next v2 1/2] xfrm: hash prefixed policies based on preflen thresholds · Christophe Gouault <hidden> · 2014-08-01
[PATCH net-next v2 2/2] xfrm: configure policy hash table thresholds by netlink · Christophe Gouault <hidden> · 2014-08-01
[PATCH RFC iproute2 0/2] ipxfrm: configuration of SPD hash · Christophe Gouault <hidden> · 2014-08-01
[PATCH RFC iproute2 1/2] Update headers to net-next · Christophe Gouault <hidden> · 2014-08-01
[PATCH RFC iproute2 2/2] ipxfrm: add command for configuring SPD hash table · Christophe Gouault <hidden> · 2014-08-01
Re: [PATCH net-next v2 2/2] xfrm: configure policy hash table thresholds by netlink · Steffen Klassert <steffen.klassert@secunet.com> · 2014-08-21
Re: [PATCH net-next v2 2/2] xfrm: configure policy hash table thresholds by netlink · Christophe Gouault <hidden> · 2014-08-26
[PATCH ipsec-next v3 0/2] xfrm: scalability enhancements for policy database · Christophe Gouault <hidden> · 2014-08-27
[PATCH ipsec-next v3 1/2] xfrm: hash prefixed policies based on preflen thresholds · Christophe Gouault <hidden> · 2014-08-27
[PATCH ipsec-next v3 2/2] xfrm: configure policy hash table thresholds by netlink · Christophe Gouault <hidden> · 2014-08-27
Re: [PATCH ipsec-next v3 2/2] xfrm: configure policy hash table thresholds by netlink · Steffen Klassert <steffen.klassert@secunet.com> · 2014-08-29
Re: [PATCH ipsec-next v3 2/2] xfrm: configure policy hash table thresholds by netlink · Christophe Gouault <hidden> · 2014-08-29
[ipsec-next v4 0/2] xfrm: scalability enhancements for policy database · Christophe Gouault <hidden> · 2014-08-29
[ipsec-next v4 1/2] xfrm: hash prefixed policies based on preflen thresholds · Christophe Gouault <hidden> · 2014-08-29
[ipsec-next v4 2/2] xfrm: configure policy hash table thresholds by netlink · Christophe Gouault <hidden> · 2014-08-29
Re: [ipsec-next v4 0/2] xfrm: scalability enhancements for policy database · Steffen Klassert <steffen.klassert@secunet.com> · 2014-09-03
Re: [ipsec-next v4 0/2] xfrm: scalability enhancements for policy database · Christophe Gouault <hidden> · 2014-09-03
Re: [PATCH net-next v2 0/2] xfrm: scalability enhancements for policy database · David Miller <davem@davemloft.net> · 2014-08-04

From: David Laight <hidden>
Date: 2014-05-22 10:15:43

From: Klassert
...

quoted

Exporting a userland API (here by /proc) enables a user or a daemon to
choose a strategy according to information the kernel does not
necessarily have, and enables to implement various (possibly complex)
policies.

If we add a user API for the current lookup mechanism, we will stick
with this because we can't change it anymore without breaking userspace.
So I don't want to add one before we finally decided on a long term
lookup mechanism for IPsec.

You could have a user API call to find the list of available mechanisms
as well as one that returns/sets the current one.
Then there is no actual requirement to continue to support any specific one.

	David

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help