lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20080918042436.GB32516@verge.net.au>
Date:	Thu, 18 Sep 2008 14:24:36 +1000
From:	Simon Horman <horms@...ge.net.au>
To:	Chris Snook <csnook@...hat.com>
Cc:	Julius Volz <juliusv@...gle.com>, lvs-devel@...r.kernel.org,
	netdev@...r.kernel.org
Subject: Re: Should we move IPVS out of net/ipv4 now?

On Wed, Sep 17, 2008 at 02:37:33PM -0400, Chris Snook wrote:
> Julius Volz wrote:
>> Since IPVS now does partial IPv6, should we finally move it from
>> "net/ipv4/ipvs" to "net" or to "net/netfilter"? I posted that patch a
>> long time ago, but that was before any of the actual v6 features, so
>> there was probably no interest.
>
> Whatever the netfilter people want is fine with me.
>
>> Also, the tunables in /proc/sys/net/ipv4/vs/... apply to both v4 and
>> v6. Should we just duplicate them into /proc/sys/net/ipv6/vs? Or will
>> people be confused that setting a value in one directory changes the
>> value in the other and affects both IP versions?
>
> If we do any duplication of sysctl tunables under net.ipv4 into net.ipv6, 
> we need to follow the same policy for all of them.  Since the tcp 
> tunables in net.ipv4 are among the most documented and used, and have 
> been for a decade, we need to be conservative with that.  Having two 
> different writable tunables for the same variable is certain to confuse.  
> Having read-only aliases under net.ipv6 wouldn't terrify me, but the last 
> time I went to do tcp tuning, and saw that the tunables in net.ipv4 
> weren't duplicated under net.ipv6, it was obvious what was going on at 
> first glance, without needing to do an ls -l to figure out what was going 
> on.  People who prefer to use sysctl rather than manually tweaking 
> pseudofiles might not notice the permissions right away.  By the  
> principle of least confusion, I think omitting them entirely is probably 
> the way to go.

If thats a standard practice, than that sounds reasonable to me.

-- 
Simon Horman
  VA Linux Systems Japan K.K., Sydney, Australia Satellite Office
  H: www.vergenet.net/~horms/             W: www.valinux.co.jp/en

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ