On Wed, Apr 14, 2021 at 08:24:11PM -0700, David Ahern wrote:
> On 4/14/21 12:33 AM, Pavel Balaev wrote:
> >>
> >> This should work the same for IPv6.
> > I wanted to add IPv6 support after IPv4 will be approved,
> > anyway no problem, will add IPv6 in next version
> >> And please add test cases un
On 4/14/21 12:33 AM, Pavel Balaev wrote:
>>
>> This should work the same for IPv6.
> I wanted to add IPv6 support after IPv4 will be approved,
> anyway no problem, will add IPv6 in next version
>> And please add test cases under tools/testing/selftests/net.
> This feature cannot be tested whithin
On Tue, Apr 13, 2021 at 04:15:21PM -0700, David Miller wrote:
> From: Balaev Pavel
> Date: Tue, 13 Apr 2021 14:55:04 +0300
>
> > @@ -222,6 +230,9 @@ struct netns_ipv4 {
> > #ifdef CONFIG_IP_ROUTE_MULTIPATH
> > u8 sysctl_fib_multipath_use_neigh;
> > u8 sysctl_fib_multipath_hash_policy;
>
On Tue, Apr 13, 2021 at 08:28:52PM -0700, David Ahern wrote:
> On 4/13/21 4:55 AM, Balaev Pavel wrote:
> > Ability for a user to assign seed value to multipath route hashes.
> > Now kernel uses random seed value to prevent hash-flooding DoS attacks;
> > however, it disables some use cases, f.e:
> >
On 4/13/21 4:55 AM, Balaev Pavel wrote:
> Ability for a user to assign seed value to multipath route hashes.
> Now kernel uses random seed value to prevent hash-flooding DoS attacks;
> however, it disables some use cases, f.e:
>
> +---++--+++
> | |-eth0---| FW
From: Balaev Pavel
Date: Tue, 13 Apr 2021 14:55:04 +0300
> @@ -222,6 +230,9 @@ struct netns_ipv4 {
> #ifdef CONFIG_IP_ROUTE_MULTIPATH
> u8 sysctl_fib_multipath_use_neigh;
> u8 sysctl_fib_multipath_hash_policy;
> + int sysctl_fib_multipath_hash_seed;
> + struct multipath_seed_
Ability for a user to assign seed value to multipath route hashes.
Now kernel uses random seed value to prevent hash-flooding DoS attacks;
however, it disables some use cases, f.e:
+---++--+++
| |-eth0---| FW0 |---eth0-||
| |+--+
