lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4e964168-2c83-24bb-8e44-f5f47555e589@gmail.com>
Date:   Tue, 26 Nov 2019 20:10:52 +0100
From:   Oliver Herms <oliver.peter.herms@...il.com>
To:     David Miller <davem@...emloft.net>
Cc:     yoshfuji@...ux-ipv6.org, kuznet@....inr.ac.ru,
        netdev@...r.kernel.org
Subject: Re: [PATCH v2] net: ip/tnl: Set iph->id only when don't fragment is
 not set

Hi Dave,

On 25.11.19 23:41, David Miller wrote:
> From: Oliver Herms <oliver.peter.herms@...il.com>
> Date: Sun, 24 Nov 2019 14:24:18 +0100
> 
>> From RFC 6864 "Updated Specification of the IPv4 ID Field" section 4.1:
> 
> Just reading the abstract of this RFC I cannot take it seriously:
> 
> 	This document updates the specification of the IPv4 ID field
> 	in RFCs 791, 1122, and 2003 to more closely reflect current
> 	practice...
> 
> "more closely reflect current practice" ?!?!
> 
> That statement is a joke right?
> 
> Linux generates the bulk of the traffic on the internet and we've had
> the current behavior of the ID field for decades.
> 
> Therefore, I don't think even the premise of this document is valid.
> 
> These are all red flags to me, and I think we should keep the current
> behavior.
> 
> I'm not applying your patch, sorry.
> 
I totally understand your argument.

What do you think about making this configurable via sysctl and make the current
behavior the default? I would also like to make this configurable for other 
payload types like TCP and UDP. IMHO there the ID is unnecessary, too, when DF is set.

Would you be willing to merge a patch that offers this?

Thanks
Oliver

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ