Subject: CVS commit: src/sys
To: None <>
From: Jonathan Stone <>
List: source-changes
Date: 11/17/2003 21:34:28
Module Name:	src
Committed By:	jonathan
Date:		Mon Nov 17 21:34:27 UTC 2003

Modified Files:
	src/sys/netinet: files.netinet ip_mroute.c ip_output.c ip_var.h
	src/sys/netinet6: ipsec.c
	src/sys/netipsec: xform_ipip.c

Log Message:
Revert the (default) ip_id algorithm to the pre-randomid algorithm,
due to demonstrated low-period repeated IDs from the randomized IP_id
code.  Consensus is that the low-period repetition (much less than
2^15) is not suitable for general-purpose use.

Allocators of new IPv4 IDs should now call the function ip_newid().
Randomized IP_ids are now a config-time option, "options RANDOM_IP_ID".
ip_newid() can use ip_random-id()_IP_ID if and only if configured
with RANDOM_IP_ID. A sysctl knob should be provided.

This API may be reworked in the near future to support linear ip_id
counters per (src,dst) IP-address pair.

To generate a diff of this commit:
cvs rdiff -r1.2 -r1.3 src/sys/netinet/files.netinet
cvs rdiff -r1.80 -r1.81 src/sys/netinet/ip_mroute.c
cvs rdiff -r1.126 -r1.127 src/sys/netinet/ip_output.c
cvs rdiff -r1.59 -r1.60 src/sys/netinet/ip_var.h
cvs rdiff -r1.76 -r1.77 src/sys/netinet/raw_ip.c
cvs rdiff -r1.87 -r1.88 src/sys/netinet6/ipsec.c
cvs rdiff -r1.6 -r1.7 src/sys/netipsec/xform_ipip.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.