lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 19 Mar 2018 20:58:18 +0200
From:   Saku Ytti <saku@...i.fi>
To:     David Ahern <dsa@...ulusnetworks.com>
Cc:     netdev@...r.kernel.org
Subject: Re: recursive static routes

Hey David,

> The Linux stack does not flatten routes when inserting into the FIB.
> Recursion is expected to be done a routing daemon such as bgp which will
> be able to handle updates as the network changes.

Are you saying that routing protocol would observe the next-hop
change, then update the Linux kernel route to reflect that?

Wouldn't that add another layer of state and the implied delays of
maintaining and updating the state.

Is it not practical to do lookup per-packet to recurse until egress
rewrite information is found? So literally no state in memory anywhere
saying 0/0 next-hop is 192.0.2.42/22:22:22:22:22:22, it would always
have to walk the FIB to find it.

--
  ++ytti

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ