| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 11 Oct 2013 11:21:45 +0200 From: Steffen Klassert <steffen.klassert@...unet.com> To: Fan Du <fan.du@...driver.com> Cc: netdev@...r.kernel.org Subject: Re: [PATCH RFC 0/2] xfrm: Remove ancient sleeping code On Fri, Oct 11, 2013 at 03:18:40PM +0800, Fan Du wrote: > >>In xfrm policy queue, XFRM_MAX_QUEUE_LEN is 100, which means 101th skb > >>will be dropped, how about make it configurable? > > > >IMO we would have yet another useless knob then. Currently we send all > >packets by default to a blackhole as long as the state is not resolved > >and most people are fine with it. The queueing is mostly to speed up > >tcp handshakes, > > I cannot follow on this part. Would you please mind to explain how making a > policy queue will speed up TCP handshakes than orignal CAN_SLEEP mechanism? > I have not said that queueing is any faster than the sleeping mechanism. But it is faster than the current default that simply sends the first packets to a blackhole and can be used regardless if we can sleep. All I wanted to say is that there are not many packets needed to establish tcp connections, so I think a 100 packets queue is sufficient. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists