Re: Use lltable/llentry for NDP

[christos%astron.com@localhost (Christos Zoulas)]

In article <CAKrYomi-jsmwztRhR7ZR2Mf8vRGy3_nZVSFVhVip4ZtnVOPP=g%mail.gmail.com@localhost>,
Ryota Ozaki  <ozaki-r%netbsd.org@localhost> wrote:
>Hi,
>
>As I promised somewhere, I'm trying to use
>lltable/llentry, which were introduced for ARP
>while ago, for NDP as well.
>
>Here is a patch:
>http://www.netbsd.org/~ozaki-r/lltable-ndp.diff
>
>
>Unlike ARP case, the old data structure (llinfo_nd6)
>is similar to new one (llentry) and there isn't
>so much radical changes (compared to ARP case).
>
>One noticeable change is for neighbor cache GC
>mechanism that was introduced to prevent IPv6 DoS
>attacks. net.inet6.ip6.neighborgcthresh was the max
>number of caches that we store in the system. After
>introducing lltable/llentry, the value is changed
>to be per-interface basis because lltable/llentry
>stores neighbor caches in each interface separately.
>And the change brings one degradation; the old GC
>mechanism dropped exceeded packets based on LRU
>while the new implementation drops packets in order
>from the beginning of lltable (a hash table + linked
>lists). It would be improved in the future.
>
>Any comments and suggestions are appreciated.

+#ifdef __FreeBSD__
+	IN6_IFADDR_RLOCK();
+	LIST_FOREACH(ia, IN6ADDR_HASH(addr), ia6_hash) {
+#endif
+	for (ia = in6_ifaddr; ia; ia = ia->ia_next) {

That should be:
#ifdef __FreeBSD__
	IN6_IFADDR_RLOCK();
	LIST_FOREACH(ia, IN6ADDR_HASH(addr), ia6_hash)
#else
	for (ia = in6_ifaddr; ia; ia = ia->ia_next)
#endif
	{

return (foo) -> return foo

christos