Re: IPSEC sucking up memory

2001-10-22 Thread Shoichi Sakane
> While investigating a problem, I noticed that the IPSEC code > is initializing the sp -- even when no one is using IPSEC. > It turns out that this really, really bloats the per socket > memory requirements, with the only real result being a lot > of extra processing that could be replaced by a

RE: netgraph one2many question

2001-10-22 Thread Julian Elischer
I see no reason not to import ng_fec.c except that it really doesn't use most of the netgraph interface. If you were to use the same protocol engine but rewrite the interface part of it to use the netgraph data interface it'd probably be a better fit. On Mon, 22 Oct 2001, Milon Papezik wrote

RE: netgraph one2many question

2001-10-22 Thread Milon Papezik
Hi Julian, I am aware of Bill's ng_fec module and I tested it carefully, but it has several drawbacks: 1) there is a bug in the published 4.x version, which can lead to a panic. I reported this bug together with a single-line patch to Bill, but I never got a response. 2) there is also a proble

Re: SYN flood and IP spoofing

2001-10-22 Thread Mike Silbersack
On Sun, 21 Oct 2001, Fernando Gont wrote: > >That's an old explanation; basically any OS released in the last few years > >will throw old/random connections out of the queue when it fills up. > > Anyway, I wonder how the old implementations behaved, and why they behaved > like that. I don't thi

Re: PPP problem

2001-10-22 Thread Alexander Thorp
> > You could try enabling tcp/ip and physical logging to see if data is > being written as expected. > > I'd be surprised if this was a ppp problem - it doesn't look at the > frame payload unless you're using NAT, filtering, or some of the more > nasty log levels. Perhaps you've got some ro