Re: [Infrahip] [PATCH] Host Identity Protocol

To:	"David S. Miller" <davem@xxxxxxxxxxxxx>
Subject:	Re: [Infrahip] [PATCH] Host Identity Protocol
From:	Miika Komu <miika@xxxxxx>
Date:	Tue, 22 Mar 2005 16:08:31 +0200 (EET)
Cc:	yoshfuji@xxxxxxxxxxxxxx, Andrei Gurtov <gurtov@xxxxxxxxxxxxxx>, netdev@xxxxxxxxxxx, infrahip@xxxxxxx
In-reply-to:	<20050320200356.5f8fa583.davem@davemloft.net>
References:	<42369919.9010203@cs.helsinki.fi> <Pine.GSO.4.58.0503201805240.1521@kekkonen.cs.hut.fi> <20050321.024241.67451836.yoshfuji@linux-ipv6.org> <20050320200356.5f8fa583.davem@davemloft.net>
Sender:	netdev-bounce@xxxxxxxxxxx

On Sun, 20 Mar 2005, David S. Miller wrote:

> On Mon, 21 Mar 2005 02:42:41 +0900 (JST)
> YOSHIFUJI Hideaki / µÈÆ£±ÑÌÀ <yoshfuji@xxxxxxxxxxxxxx> wrote:
>
> > However, all signaling should be handled in userspace as we (will) do
> > for MIP6.
>
> Yes, I've been telling them similarly in a private
> email discussion.  I'm very glad someone else says
> this too, so I don't appear as the only person who
> feels this way :-)

Thank you, David and Yoshifugi, for your feedback. Please accept my
apologies for my late response.

I am having difficulties in digesting the counterarguments against the
kernel based approach because of the lack of detailed reasoning and
ambiguities. Yes, MIP6 and IKE signalling is handled in the userspace, but
the same is not true for SCTP (lksctp). At the same time, Linux is a
monolithic kernel instead of microkernel architecture. Finally, good
engineering practise is to put everything in the userspace, unless there
is good reason for putting it in to the kernelspace.

We don't currently have concrete measurements (comparing userspace and
kernelspace approaches) to justify our kernel oriented approach, so we
will have to get back to you later with some figures. If the results show
that an userspace implementation is superior to a kernel based approach in
terms of security or performance, we may have rewrite the code to the
userspace. In the mean time, do you happen to know any good references
where any userspace network protocol implementation has been compared and
measured against a kernelspace implementation? It would be a good starting
point for us.

I would like to mention that lksctp was implemented in the 2.6 kernel
because of better performance and tighter integration to the socket API.
We are dealing with similar issues with HIPL but seems like we need to
justify the reasons by analyzing and measuring. In addition, security
issues (DoS protection, user supplied public keys, etc) are taken pretty
seriously in HIP and may benefit from a kernel oriented approach.

-- 
Miika Komu              miika@xxxxxx          http://www.iki.fi/miika/

<Prev in Thread]	Current Thread	[Next in Thread>
[PATCH] Host Identity Protocol, Andrei Gurtov Re: [PATCH] Host Identity Protocol, Pekka Savola Re: [Infrahip] Re: [PATCH] Host Identity Protocol, Miika Komu Re: [Infrahip] Re: [PATCH] Host Identity Protocol, Miika Komu Re: [Infrahip] [PATCH] Host Identity Protocol, Miika Komu Re: [Infrahip] [PATCH] Host Identity Protocol, YOSHIFUJI Hideaki / 吉藤英明 Re: [Infrahip] [PATCH] Host Identity Protocol, David S. Miller Re: [Infrahip] [PATCH] Host Identity Protocol, Miika Komu <= Re: [Infrahip] [PATCH] Host Identity Protocol, David S. Miller Re: [Infrahip] [PATCH] Host Identity Protocol, YOSHIFUJI Hideaki / 吉藤英明

Previous by Date:	[2.6 patch] fix net/ipv4/route.c with gcc 3.4, Adrian Bunk
Next by Date:	Re: Network card driver problem (znb.o/tulip), jamal
Previous by Thread:	Re: [Infrahip] [PATCH] Host Identity Protocol, David S. Miller
Next by Thread:	Re: [Infrahip] [PATCH] Host Identity Protocol, David S. Miller
Indexes:	[Date] [Thread] [Top] [All Lists]