lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sun, 4 Mar 2012 18:24:19 +0200
From:	Emanuil Hristov <int986@...il.com>
To:	Mitar <mmitar@...il.com>
Cc:	netdev@...r.kernel.org, Nejc Skoberne <nejc@...berne.net>,
	Jernej Kos <kostko@...matrix-one.org>, gw.2012@...de.com,
	int986@...il.com
Subject: Re: Ethernet-over-UDP virtual network interface

Hi
you can try l2tp(v3) :) i think it fit best for your needs

Best regards

On Sun, Mar 4, 2012 at 1:30 PM, Mitar <mmitar@...il.com> wrote:
> Hi!
>
> At community wireless network wlan slovenija (http://dev.wlan-si.net/)
> we have been using OpenVPN tunnels to connect our WiFi nodes together
> over existing Internet infrastructure. After some time of using it we
> have discovered throughput problems using a user-land tunneling
> solution on those small/consumer Wifi router hardware. Because of the
> context switches we cannot get more than 5 Mbit/s even with disabled
> encryption. (And as we have a lot of fiber here, it really makes
> uplinks unused a lot.)
>
> We found out that we need a really light-weight tunneling solution,
> but on a L2 level. The idea is to have a simple encryption-less,
> state-less, and session-less L2 tunneling. Some kind of
> Ethernet-over-UDP type of virtual interface where we could configure
> multiple peer IP address and virtual interface would work as a simple
> switch, only instead of cables, it would send packets encapsulated in
> UDP (EoIP is not good because many consumer routers do not allow
> non-TCP/UDP packets to get through). No session handling, nothing.
> Simply, any packets it gets in it is send (based on auto-learned MAC
> addresses) to the destination IP address in the UDP packet. On the
> other side decapsulated packet is simply output of the virtual
> interface there.
>
> I have searched around and have not found anything which would work
> like this. Have I missed something? If not, I have decided to write
> our own kernel module for this, but first I would like to hear some
> feedback from others. Would anybody be interested in developing it
> with me or at mentoring me (it would be my first kernel module)?
>
> I have found this code:
>
> https://lwn.net/Articles/199120/
>
> and was planning to use it as a basis, but use UDP for communication.
> What is a proper way to do UDP communication from a kernel module?
>
> Best regards and thank you all for the great work you are doing on Linux
>
>
> Mitar
> --
> To unsubscribe from this list: send the line "unsubscribe netdev" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ