lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 17 Sep 2008 14:37:33 -0400
From:	Chris Snook <csnook@...hat.com>
To:	Julius Volz <juliusv@...gle.com>
CC:	Simon Horman <horms@...ge.net.au>, lvs-devel@...r.kernel.org,
	netdev@...r.kernel.org
Subject: Re: Should we move IPVS out of net/ipv4 now?

Julius Volz wrote:
> Since IPVS now does partial IPv6, should we finally move it from
> "net/ipv4/ipvs" to "net" or to "net/netfilter"? I posted that patch a
> long time ago, but that was before any of the actual v6 features, so
> there was probably no interest.

Whatever the netfilter people want is fine with me.

> Also, the tunables in /proc/sys/net/ipv4/vs/... apply to both v4 and
> v6. Should we just duplicate them into /proc/sys/net/ipv6/vs? Or will
> people be confused that setting a value in one directory changes the
> value in the other and affects both IP versions?

If we do any duplication of sysctl tunables under net.ipv4 into net.ipv6, we 
need to follow the same policy for all of them.  Since the tcp tunables in 
net.ipv4 are among the most documented and used, and have been for a decade, we 
need to be conservative with that.  Having two different writable tunables for 
the same variable is certain to confuse.  Having read-only aliases under 
net.ipv6 wouldn't terrify me, but the last time I went to do tcp tuning, and saw 
that the tunables in net.ipv4 weren't duplicated under net.ipv6, it was obvious 
what was going on at first glance, without needing to do an ls -l to figure out 
what was going on.  People who prefer to use sysctl rather than manually 
tweaking pseudofiles might not notice the permissions right away.  By the 
principle of least confusion, I think omitting them entirely is probably the way 
to go.

-- Chris
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ