From: Masahide NAKAMURA <nakam@linux-ipv6.org>
To: David Miller <davem@davemloft.net>
Cc: yoshfuji@linux-ipv6.org, anttit@tcs.hut.fi, vnuorval@tcs.hut.fi,
netdev@vger.kernel.org, usagi-core@linux-ipv6.org
Subject: Re: [PATCH 44/44] [XFRM] IPV6: Support Mobile IPv6 extension headers sorting.
Date: Fri, 25 Aug 2006 19:06:40 +0900 [thread overview]
Message-ID: <44EECBB0.7070001@linux-ipv6.org> (raw)
In-Reply-To: <44EE4ABC.6050604@linux-ipv6.org>
Masahide NAKAMURA wrote:
> David Miller wrote:
>> From: Masahide NAKAMURA <nakam@linux-ipv6.org>
>> Date: Thu, 24 Aug 2006 16:05:39 +0900
>>
>>> David Miller wrote:
>>>> In the mean time, I will work on porting my XFRM hashing changes
>>>> for the current net-2.6.19 tree.
>>> FYI, your work will not have any conflict with the left of MIPv6 patches
>>> which I will describe later since they are almost out of XFRM.
>>
>> Great.
>>
>> I just finished the port and pushed all of that work to net-2.6.19,
>> can folks please take a look?
>>
>> I tested IPSEC as best as I could with XFRM_SUB_POLICY enabled, but I
>> have no way currently to test sub-policies or MIPV6 cases.
>
> OK, I will review it and also start my XFRM test with net-2.6.19
> as I've done with my tree.
I've found a problem about MIPv6 CN with the patch below.
commit 02b0fa84daaa70f035767c9a5a0d539667249e60
Author: David S. Miller <davem@sunset.davemloft.net>
Date: Thu Aug 24 04:45:07 2006 -0700
[XFRM]: Hash policies when non-prefixed.
It seems that the policy hashing is not always used with selector protocol.
It may conflict with MIPL daemon thought.
Let me explain the detail:
MIPv6 specification says that all mobility header(MH) must be
sent without routing header type 2(RT2) / home address option,
except [*1].
To satisfy it MIPL daemon uses some bypass policies.
For CN outbound example(ip command output):
(a)MIPL daemon adds MH bypass policy when it starts to run:
src ::/0 dst ::/0 proto 135
dir out priority 12 ptype sub
(b)After binding is accepted, it also adds route optimization
policy to send user traffic with RT2:
src 3ffe:501:ffff:100::XXXX/128 dst 3ffe:501:ffff:101::YYYY/128
dir out priority 16 ptype sub
tmpl src :: dst ::
proto route2 reqid 0 mode ro
level use
When the daemon added both policy we expected that
all MH was used (a) otherwise (b) because of priority order.
But the kernel used (b) when the daemon sent MH from
3ffe:501:ffff:100::XXXX to 3ffe:501:ffff:101::YYYY.
Note: such bypasses are also required for ICMPv6 error and
neighbor discovery.
(*1:
Binding update(BU) can be sent with home address option
and binding ack(BA) can be sent with RT2.)
Do you have any ideas?
Thanks,
--
Masahide NAKAMURA
next prev parent reply other threads:[~2006-08-25 10:06 UTC|newest]
Thread overview: 116+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-08-23 15:02 [PATCH 0/44] Mobile IPv6 Platform, Take 2 (for net-2.6.19) YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 1/44] [XFRM]: Add XFRM_MODE_xxx for future use YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 2/44] [XFRM]: Introduce a helper to compare id protocol YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 3/44] [XFRM] STATE: Allow non IPsec protocol YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 4/44] [XFRM]: Expand XFRM_MAX_DEPTH for route optimization YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 5/44] [XFRM] STATE: Add source address list YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 6/44] [XFRM] STATE: Search by address using " YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 7/44] [XFRM] STATE: Add a hook to find offset to be inserted header in outbound YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 8/44] [XFRM] STATE: Introduce route optimization mode YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 9/44] [XFRM]: Restrict authentication algorithm only when inbound transformation protocol is IPsec YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 10/44] [XFRM] STATE: Common receive function for route optimization extension headers YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 11/44] [XFRM]: Rename secpath_has_tunnel to secpath_has_nontransport YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 12/44] [XFRM] STATE: Add a hook to obtain local/remote outbound address YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 13/44] [XFRM] STATE: Support non-fragment outbound transformation headers YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 14/44] [XFRM] STATE: Introduce care-of address YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 15/44] [XFRM] IPV6: Update outbound state timestamp for each sending YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 16/44] [XFRM] IPV6: Restrict bundle reusing YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 17/44] [XFRM]: Fix message about transformation user interface YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 18/44] [IPV6]: Add Kconfig to enable Mobile IPv6 YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 19/44] [IPV6] MIP6: Add routing header type 2 definition YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 20/44] [IPV6] MIP6: Add inbound interface of routing header type 2 YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 21/44] [IPV6] MIP6: Add socket option and ancillary data " YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 22/44] [IPV6]: Find option offset by type YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 23/44] [IPV6]: Allow to replace skbuff by TLV parser YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 24/44] [IPV6] MIP6: Add home address option definition YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 25/44] [IPV6] MIP6: Add inbound interface of home address option YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 26/44] [IPV6] MIP6: Revert address to send ICMPv6 error YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 27/44] [IPV6] IPSEC: Support sending with Mobile IPv6 extension headers YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 28/44] [IPV6] MIP6: Add routing header type 2 transformation YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 29/44] [IPV6] MIP6: Add destination options header transformation YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 30/44] [XFRM] STATE: Add Mobile IPv6 route optimization protocols to netlink interface YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 31/44] [IPV6] MIP6: Add Mobility header definition YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 32/44] [IPV6] MIP6: Add receiving mobility header functions through raw socket YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 33/44] [IPV6] MIP6: Add sending " YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 34/44] [IPV6] MIP6: Transformation support mobility header YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 35/44] [XFRM]: Trace which secpath state is reject factor YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 36/44] [XFRM]: Introduce XFRM_MSG_REPORT YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 37/44] [IPV6] MIP6: Report to user-space when home address option is rejected YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 38/44] [IPV6] MIP6: Ignore to report if mobility headers " YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 39/44] [XFRM] POLICY: Add Kconfig to support sub policy YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 40/44] [XFRM] POLICY: sub policy support YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 41/44] [XFRM]: Add sorting interface for state and template YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 42/44] [XFRM] POLICY: Support netlink socket interface for sub policy YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 43/44] [XFRM] IPV6: Add sort functions to combine templates/states for IPsec YOSHIFUJI Hideaki
2006-08-23 15:02 ` [PATCH 44/44] [XFRM] IPV6: Support Mobile IPv6 extension headers sorting YOSHIFUJI Hideaki
2006-08-24 5:57 ` David Miller
2006-08-24 6:04 ` YOSHIFUJI Hideaki / 吉藤英明
2006-08-24 6:54 ` David Miller
2006-08-24 7:05 ` Masahide NAKAMURA
2006-08-24 11:58 ` David Miller
2006-08-25 0:56 ` Masahide NAKAMURA
2006-08-25 10:06 ` Masahide NAKAMURA [this message]
2006-08-25 10:16 ` David Miller
2006-08-25 14:29 ` Masahide NAKAMURA
2006-08-25 22:47 ` David Miller
2006-08-31 12:00 ` [PATCH] [XFRM] STATE: Fix flusing with hash mask Masahide NAKAMURA
2006-08-31 22:15 ` David Miller
2006-09-01 1:20 ` Masahide NAKAMURA
2010-12-08 7:31 ` [PATCH 44/44] [XFRM] IPV6: Support Mobile IPv6 extension headers sorting wisalsami
2006-08-24 5:51 ` [PATCH 43/44] [XFRM] IPV6: Add sort functions to combine templates/states for IPsec David Miller
2006-08-24 5:49 ` [PATCH 42/44] [XFRM] POLICY: Support netlink socket interface for sub policy David Miller
2006-08-24 5:48 ` [PATCH 41/44] [XFRM]: Add sorting interface for state and template David Miller
2006-08-24 5:48 ` [PATCH 40/44] [XFRM] POLICY: sub policy support David Miller
2006-08-25 1:45 ` Herbert Xu
2006-08-24 5:41 ` [PATCH 39/44] [XFRM] POLICY: Add Kconfig to support sub policy David Miller
2006-08-24 3:48 ` [PATCH 38/44] [IPV6] MIP6: Ignore to report if mobility headers is rejected David Miller
2006-08-24 3:46 ` [PATCH 37/44] [IPV6] MIP6: Report to user-space when home address option " David Miller
2006-08-24 3:43 ` [PATCH 36/44] [XFRM]: Introduce XFRM_MSG_REPORT David Miller
2006-08-24 6:48 ` Masahide NAKAMURA
2006-08-24 6:53 ` David Miller
2006-08-24 3:41 ` [PATCH 35/44] [XFRM]: Trace which secpath state is reject factor David Miller
2006-08-24 3:39 ` [PATCH 34/44] [IPV6] MIP6: Transformation support mobility header David Miller
2006-08-24 3:37 ` [PATCH 33/44] [IPV6] MIP6: Add sending mobility header functions through raw socket David Miller
2006-08-24 3:36 ` [PATCH 32/44] [IPV6] MIP6: Add receiving " David Miller
2006-08-24 3:34 ` [PATCH 31/44] [IPV6] MIP6: Add Mobility header definition David Miller
2006-08-24 3:33 ` [PATCH 30/44] [XFRM] STATE: Add Mobile IPv6 route optimization protocols to netlink interface David Miller
2006-08-24 3:32 ` [PATCH 29/44] [IPV6] MIP6: Add destination options header transformation David Miller
2006-08-24 3:31 ` [PATCH 28/44] [IPV6] MIP6: Add routing header type 2 transformation David Miller
2006-08-23 20:36 ` [PATCH 27/44] [IPV6] IPSEC: Support sending with Mobile IPv6 extension headers YOSHIFUJI Hideaki / 吉藤英明
2006-08-24 2:31 ` David Miller
2006-08-24 2:27 ` [PATCH 26/44] [IPV6] MIP6: Revert address to send ICMPv6 error David Miller
2006-08-24 2:26 ` [PATCH 25/44] [IPV6] MIP6: Add inbound interface of home address option David Miller
2006-08-24 2:21 ` [PATCH 24/44] [IPV6] MIP6: Add home address option definition David Miller
2006-08-24 2:20 ` [PATCH 23/44] [IPV6]: Allow to replace skbuff by TLV parser David Miller
2006-08-31 12:05 ` [IPV6] MIP6: Fix to update IP6CB when cloned skbuff is received at HAO. (Re: [PATCH 23/44] [IPV6]: Allow to replace skbuff by TLV parser.) Masahide NAKAMURA
2006-08-31 22:20 ` [IPV6] MIP6: Fix to update IP6CB when cloned skbuff is received at HAO David Miller
2006-08-23 17:22 ` [PATCH 22/44] [IPV6]: Find option offset by type Brian Haley
2006-08-23 20:26 ` YOSHIFUJI Hideaki / 吉藤英明
2006-08-24 2:18 ` David Miller
2006-08-24 2:17 ` [PATCH 21/44] [IPV6] MIP6: Add socket option and ancillary data interface of routing header type 2 David Miller
2006-08-24 2:16 ` [PATCH 20/44] [IPV6] MIP6: Add inbound " David Miller
2006-08-24 2:15 ` [PATCH 19/44] [IPV6] MIP6: Add routing header type 2 definition David Miller
2006-08-24 2:14 ` [PATCH 18/44] [IPV6]: Add Kconfig to enable Mobile IPv6 David Miller
2006-08-24 2:55 ` Masahide NAKAMURA
2006-08-24 2:13 ` [PATCH 17/44] [XFRM]: Fix message about transformation user interface David Miller
2006-08-24 2:12 ` [PATCH 16/44] [XFRM] IPV6: Restrict bundle reusing David Miller
2006-08-24 2:54 ` Masahide NAKAMURA
2006-08-24 1:20 ` [PATCH 15/44] [XFRM] IPV6: Update outbound state timestamp for each sending David Miller
2006-08-24 1:19 ` [PATCH 14/44] [XFRM] STATE: Introduce care-of address David Miller
2006-08-24 1:12 ` [PATCH 13/44] [XFRM] STATE: Support non-fragment outbound transformation headers David Miller
2006-08-24 1:10 ` [PATCH 12/44] [XFRM] STATE: Add a hook to obtain local/remote outbound address David Miller
2006-08-24 1:09 ` [PATCH 11/44] [XFRM]: Rename secpath_has_tunnel to secpath_has_nontransport David Miller
2006-08-24 1:08 ` [PATCH 10/44] [XFRM] STATE: Common receive function for route optimization extension headers David Miller
2006-08-24 1:01 ` [PATCH 9/44] [XFRM]: Restrict authentication algorithm only when inbound transformation protocol is IPsec David Miller
2006-08-24 1:00 ` [PATCH 8/44] [XFRM] STATE: Introduce route optimization mode David Miller
2006-08-24 0:57 ` [PATCH 7/44] [XFRM] STATE: Add a hook to find offset to be inserted header in outbound David Miller
2006-08-24 0:56 ` [PATCH 6/44] [XFRM] STATE: Search by address using source address list David Miller
2006-08-24 0:54 ` [PATCH 5/44] [XFRM] STATE: Add " David Miller
2006-08-24 1:19 ` Masahide NAKAMURA
2006-08-24 2:08 ` David Miller
2006-08-24 0:52 ` [PATCH 4/44] [XFRM]: Expand XFRM_MAX_DEPTH for route optimization David Miller
2006-08-24 0:50 ` [PATCH 3/44] [XFRM] STATE: Allow non IPsec protocol David Miller
2006-08-24 0:48 ` [PATCH 2/44] [XFRM]: Introduce a helper to compare id protocol David Miller
2006-08-24 0:47 ` [PATCH 1/44] [XFRM]: Add XFRM_MODE_xxx for future use David Miller
2006-08-23 15:22 ` [PATCH 0/44] Mobile IPv6 Platform, Take 2 (for net-2.6.19) YOSHIFUJI Hideaki / 吉藤英明
2006-08-24 0:06 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=44EECBB0.7070001@linux-ipv6.org \
--to=nakam@linux-ipv6.org \
--cc=anttit@tcs.hut.fi \
--cc=davem@davemloft.net \
--cc=netdev@vger.kernel.org \
--cc=usagi-core@linux-ipv6.org \
--cc=vnuorval@tcs.hut.fi \
--cc=yoshfuji@linux-ipv6.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).