tech-net archive


Re: 16 year old bug

>> Fix a 16 year old bug in the sorting routine for non-contiguous netmasks.
> Does our IPSEC code actually _use_ non-contiguous netmasks?

I haven't looked at the IPsec code, so this is a guess, but the wording
makes it sound as though this is an implementation technique used
internally by IPsec rather than being the externally-visible use of
noncontiguous netmasks everyone seems to be taking it for.

That said,

> and most modern network hardware will turn their nose up at them

IMO anything that pretends to implement IPv4 but which doesn't do
noncontiguous netmasks is simply broken, I don't care whether it comes
from Cisco or Netgear or NetBSD.

Not, I suppose, that anyone necessarily cares what I consider broken.

Slow-path them.  Require a sysctl switch (the way we do for source
routes).  Fine.  But outright desupport them?  I'd call that a bug,
even if it is done deliberately.

/~\ The ASCII                             Mouse
\ / Ribbon Campaign
 X  Against HTML      
/ \ Email!           7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
