On Fri, 2006-28-07 at 09:34 +0100, Hugo Santos wrote: > > 2. What if user process dies? or gets overwhelmed? > > One of the assumptions of the any well designed kernel is that the > > system should never > > hang because some user application died or waited for ever. > > Of course that this is a real problem. However, if the control daemon > dies the kernel won't die. Depending on the implementation -- you might > temporarily get out of addresses, if the addresses are flushed when the > control daemon dies, etc. But, just like a routing daemon is critical > to a router, this control application would also be critical to the > host's connectivity. And if it dies, it needs to be restarted. The > application might be itself complex, but in the end we moved this > complexity away from the kernel. >
Hugo, The biggest challenge you will face is the view that people hate daemons - mostly from a usability perspective (is the gist of the arguements i have seen) but also because of concerns such as the one Stephen mentions above. I hold the same views as you do on the separation of control from the datapath and to respond to Stephens assertion on well designed kernel above: It is good kernel abstraction to separate policy management from mechanisms. The certificate issue only validates further this pov: that control tends to be feature-rich, swiss-army knife i.e more moving target than datapath. Such things typically belong to user-space. I have also seen talk of secure ARP; i wonder if there may be certificates involved there as well? If you look at the archives on netdev you may notice such discussions. Summary: I violently agree with you and i think if you address the "daemon" concerns, you will get other folks to agree as well. cheers, jamal - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
