summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorDavid S. Miller <davem@davemloft.net>2015-07-31 17:07:12 -0700
committerDavid S. Miller <davem@davemloft.net>2015-07-31 17:07:12 -0700
commit17f901e8915cb922c2ca710835ef34f166f53ee9 (patch)
tree127409645c4ae5f127756751b593c6fb14428625 /security
parentdb316d57b63c07f2ebea596d7e21aa56549f54ab (diff)
parentb56774163f994efce3f5603f35aa4e677c3e725a (diff)
downloadlinux-17f901e8915cb922c2ca710835ef34f166f53ee9.tar.bz2
Merge branch 'ipv6-auto-flow-labels'
Tom Herbert says: ==================== ipv6: Turn on auto IPv6 flow labels by default BSD (MacOS) has already turned on flow labels by default and this does not seem to be causing any problems in the Internet. Let's go ahead and turn them on by default. We'll continue to monitor for any devices start choking on them. Flow labels are important since they are the desired solution for network devices to perform ECMP and RSS (RFC6437 and RFC6438). Traditionally, devices perform a 5-tuple hash on packets that includes port numbers. For the most part, these devices can only compute 5-tuple hashes for TCP and UDP. This severely limits our ability to get good network load balancing for other protocols (IPIP, GRE,ESP, etc.), and hence we are limited in using other protocols. Unfortunately, this method is accepted as the de facto standard to the extent that there are several proposals to encapsulate protocols in UDP _just_ for the purposes for getting ECMP to work. With hosts generating flow labels and devices taking them as input into ECMP (several already do), we can start to fix this fundamental problem. This patch set: - Changes IPV6_FLOWINFO sockopt to be opt-out of flow labels for connections rather than opt-in - Disable flow label state ranges sysctl by default - Enable auto flow labels sysctl by default v2: - Added functions to create an skb->hash based on flowi4 and flowi6. These are called in output path when creating a packet - Call skb_get_hash_flowi6 in ip6_make_flowlabel - Implement the auto_flowlabels sysctl as a mode for auto flowlabels. There are four modes which correspond to flow labels being enabled and whether socket option can be used to opt in or opt out of using them ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'security')
0 files changed, 0 insertions, 0 deletions