lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sat, 28 Oct 2017 09:16:01 -0700
From:   Tom Herbert <tom@...ntonium.net>
To:     Harald Welte <laforge@...monks.org>
Cc:     "David S . Miller" <davem@...emloft.net>,
        Pablo Neira Ayuso <pablo@...filter.org>,
        Andreas Schultz <aschultz@...p.net>,
        Linux Kernel Network Developers <netdev@...r.kernel.org>,
        Rohit LastName <rohit@...ntonium.net>
Subject: Re: [PATCH v7 net-next 00/13] gtp: Additional feature support - Part I

On Sat, Oct 28, 2017 at 1:09 AM, Harald Welte <laforge@...monks.org> wrote:
> Hi Tom,
>
> my apologies for only getting back to reviews now, after return from
> holidays I was too overloaded with plenty of other tasks.
>
> On Fri, Oct 27, 2017 at 05:09:24PM -0700, Tom Herbert wrote:
>>   - Experimental IPv6 support
>
> As far as I can tell, my previous comments/concerns regarding an IPv6
> support that is in clear violation of how it is specified is not
> acceptable to me, sorry.
>
> The question is - as illustrated quite verbosely before - not one
> of missing certain bits, but it is simply *different* from what
> the protocol specification says.
>
> This makes absolutely no sense to me.  All it will do, is it will raise
> the impression that IPv6 is supported in a spec-compliant way.
> Furthermore, it will mean that once somebody does convert this into
> proper IPv6 support later, they will break the existing use cases of
> the non-compliant implementation that you're adding in this patch
> series.
>
Harald,

Here is what the Kconfig for the EXPERIMENTAL option says:

"This is an experimental implementation that allows encapsulating IPv6
over GTP and using GTP over IPv6 for testing and development purposes.
This is not a standards conformant implementation for IPv6 and GTP.
More work is needed to reach that level."

I don't see any ambiguity here about it not being standards complete.
Nor is there any ambiguity about the its purpose to enable further
development and the fact that more work is needed.

This a foundation for an IPv6 datapath and is sufficient to do
benchmarking and performance to determine the prospects of replacing
proprietary HW with commodity servers running Linux kernel. This is a
forward step to get IPv6 into GTP, and frankly the _only_ code that
has been proposed. There is no reason why someone can't build upon
this to make a first rate conformant implementation.

In any case, I've invested as much time in this as I can for now. I'll
leave it up to DaveM to decide if we wants to take all, none, or some
subset of these patches.

Tom

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ