On 03/04/2011 16:21, Bjoern A. Zeeb wrote:
On Sun, 27 Feb 2011, Doug Barton wrote:
As for default algorithm, is there any reason not to make it 4?
Yes, it's expensive both computation time and stack wise. Last I put
MD5ctxs on the stack I was told that it was previously avoided do to
stack limits. I haven't seen complaints on lists about it but it
possibly still true for small embedded.
I'd also like to see a proper benchmark before switching the default
on both state of the art and a soekris kind class of machine.
We expect people doing embedded work to make all kinds of adjustments, I
can't see any reason why this shouldn't be one of them. Modern
general-purpose machines have more than enough resources to handle this.
That said, maybe we need a knob like EMBEDDED to more easily handle some
of these issues. I could see an default of alg 4 but something less
computationally intensive ifdef EMBEDDED.
That said I messed with the patch to avoid the two copies of the
algorithms (so it will not be 4 soon). I know it compiles but I have
yet to test it. I'd love to hear opinions. The #ifdef INET6/INETs
are ugly but we'll see those a lot more and need to figure out
differnt ways to our code was written the last 10 years.
http://people.freebsd.org/~bz/20110303-01-rfc6056.diff
The patch also includes a bugfix for the ipv6 case wrt to
"un-binding" on error.
Cool! I'll try to test this new patch this weekend.
Doug
--
Nothin' ever doesn't change, but nothin' changes much.
-- OK Go
Breadth of IT experience, and depth of knowledge in the DNS.
Yours for the right price. :) http://SupersetSolutions.com/
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
