Bill Sommerfeld wrote:
> On Fri, 2007-09-21 at 13:43 +0800, Peter Memishian wrote:
>> To do this in a manner that doesn't massively interfere
>> with forwarding performance (e.g., since the packet isn't for us, we
>> need to decide whether to forward it or rewrite to be for us), it
>> seems like we'd need an SIOCSLIFDHCPINIT ioctl that the client would
>> use to enable this behavior when necessary on an interface[2] (which
>> would e.g. set ill->ill_dhcp_init), and then we'd have to add one
>> additional check to the fastpath stanza in ip_input() -- e.g.:
>>
>> if (!is_system_labeled() &&
>> !ipst->ips_ip_cgtp_filter && ipp_action_count == 0 &&
>> opt_len == 0 && ipha->ipha_protocol != IPPROTO_RSVP &&
>> !ll_multicast && !CLASSD(dst) && !ill->ill_dhcp_init) {
>> ^^^^^^^^^^^^^^^^^^^
>>
>> Unfortunately, even this single check will impact general networking
>> performance especially for small packets,
>
> actually, it looks like two of the tests (is_system_labeled() and
> ipp_action_count) are global variables while ipst is the zone-global
> ipstack structure. Any way we could precompute the AND of a few of
> those and your SIOCLIFDHCPINIT bit into a single per-ill "stay off the
> fast-path" bit (and re-compute it whenever one of them changes?)
FWIW such an approach is discussed in
http://jurassic.sfbay/~nordmark/ip-datapath-design.odt
which proposes using a "pre" ip_input functio which does these uncomming
checks and then calls the "normal" ip_input. That way we can avoid
duplicate code.
With Mobile IPv4 removed there are less tests one can save, so we don't
know whether the savings would be significant.
Erik
