124 lines
4.4 KiB
Plaintext
124 lines
4.4 KiB
Plaintext
KAME/NetBSD integration TODOs
|
|
$NetBSD: TODO,v 1.10 2000/02/03 19:29:20 itojun Exp $
|
|
Jun-ichiro itojun Hagino <itojun@itojun.org>
|
|
|
|
|
|
This file talks about issues/TODOs in KAME/NetBSD integration.
|
|
For details about original KAME distribution, please refer to
|
|
sys/netinet6/IMPLEMENTATION, or documents in KAME distribution.
|
|
|
|
|
|
KERNEL
|
|
======
|
|
* net/if_types.h
|
|
|
|
IFT_GIF and IFT_FAITH are not defined in IANA assignment, but we need to
|
|
define these two (they are essential). If it is prohibited to define these,
|
|
where should we check to get interface type? if_xname?
|
|
|
|
* ATM PVC support in Adaptec/ENI ATM driver
|
|
|
|
Is it MI enough? If not, would you like it to be removed from the tree?
|
|
Actually this is quite useful (we use it in Japanese ATM PVC leased line
|
|
service and is quite stable).
|
|
|
|
* mbuf pullup consideration
|
|
|
|
KAME IPv6 onion-peeling routine assumes that headers are contiguous on
|
|
mbufs. For this we impose little restriction on drivers (namely,
|
|
MINCLSIZE has been modified for this). From stats we gathered it has no
|
|
impact on performance (maybe better due to less m_pullup), but some of
|
|
you may not like this (you may hate deep-copy code in net/if_loop.c).
|
|
We may need to implement safer way, something similar to m_pullup().
|
|
I have an idea but I still need some time for this. I'll test this in
|
|
KAME tree and then will bring it to NetBSD.
|
|
(NOTE: m_pullup is not very useful for IPv6 as the chained header length
|
|
can easily exceed MHLEN. Remember, IPv6 header itself already occupies 40
|
|
bytes)
|
|
|
|
KAME team is doing experiments with m_pulldown(). will migrate to m_pulldown()
|
|
after stabilization.
|
|
|
|
* ipsec socket pointer
|
|
|
|
We currently reuse m_pkthdr.rcvif for ipsec socket pointer, and ipf and
|
|
other code does not like this.
|
|
|
|
It is planned to add m->m_pkthdr.aux (pointer to mbuf chain) to carry around
|
|
extra information for IPsec and other cases.
|
|
|
|
* gre/ipip compatibility
|
|
|
|
Hope I did not break any of these... Could someone check?
|
|
|
|
* mbuf flags
|
|
|
|
KAME code introduces 5 mbuf flags, which should be decreased. M_ANYCAST6
|
|
is local to IPv6 code so it should be M_PROTO0 or something like that.
|
|
Others (IPsec items) are used across IPv4 and IPv6 so they cannot be in
|
|
M_PROTO0 kind of thing.
|
|
|
|
When we switch to m->m_pkthdr.aux, we don't need those flags in m->m_flags.
|
|
|
|
* if_detach improvement
|
|
|
|
* use of xx_control() from kernel
|
|
|
|
xx_control() are designed to be called from userland process, not
|
|
from within the kernel. Calling xx_control() from interrupt context would
|
|
cause various problems, like M_WAIT/NOWAIT issue, spl issue and others.
|
|
we need to clean it up. The right thing to happen is to split those
|
|
necessary functions into (1) called-from-userland function, (2) called-from-
|
|
interrupt function, and (3) common backend which shares as much code as
|
|
possible.
|
|
|
|
* more LP64 friendliness
|
|
|
|
|
|
USERLAND
|
|
========
|
|
* various routing daemons
|
|
|
|
KAME codebase includes several routing daemons, like route6d or bgpd (which
|
|
does RIPng and BGP4+, respectively). Should we put these into
|
|
/usr/src/usr.sbin, or should we treat those as third-party code (pkgsrc)?
|
|
|
|
pim6dd/pim6sd license issue should be clarified.
|
|
|
|
* IPv6-support in resolvers and libraries
|
|
|
|
Dual stack resolver code is from KAME. The change may not be compatible with
|
|
future bind8 code, so we may have to merge future bind8 carefully.
|
|
(or we should volunteer for bind8 improvements)
|
|
|
|
At this moment IPv6 support in lib/libc/net/* is implemented in very
|
|
conservative way so that it will not break existing codebase.
|
|
To be RFC2553 compilient, we need to supply getipnodeby{name,addr}.
|
|
However, it needs a total rewrite of gethostby{name,addr}.
|
|
It will make future upgrade to bind8x really harder.
|
|
|
|
* -DINET6, -DIPSEC
|
|
|
|
Where should we define -DINET6? Should it be global option like
|
|
EXPORTABLE_SYSTEM=1 (in /etc/mk.conf), or local option defined somewhere?
|
|
(some people may need a binary tree with no IPv6 support at all, for
|
|
smaller footprint)
|
|
|
|
At this moment -DINET6 is placed in each of leaf directory Makefiles,
|
|
and there's no global option for enabling/disabling userland IPv6/IPsec
|
|
support. Since we ship single binary tree we want to ship them enabled
|
|
by default.
|
|
|
|
* if index
|
|
|
|
Should we hide if index (s6_addr[2-3] in in6_addr) from the user, on "ifconfig"
|
|
or "netstat -in"? Those numbers are just for kernel internal
|
|
and should never be used from standard userland applications.
|
|
(see 1.3 in sys/netinet6/IMPLEMENTATION)
|
|
|
|
We start hiding it by using getnameinfo(NI_WITHSCOPEID).
|
|
|
|
* more IPv6 support
|
|
|
|
X11, NFS, RPC, whatever.
|