https://github.com/NICMx/Jool/tree/improved-rfc6056
This is going to be tricky to test since you probably won't "feel" anything unless you have a lot of traffic, but can you at least check the video streaming works? 1. The pool4 *entry* (see https://nicmx.github.io/Jool/en/pool4.html) is decided from MD5(IPv6 source address, secret) 2. The pool4 entry port is decided from MD5(IPv6 source address, IPv6 source port, IPv6 destination address, IPv6 destination port, secret) I don't know if this comes across, but suppose you have the following two pool4 entries: - 192.0.2.1#(1000-2000), TCP - 192.0.2.1#(3000-4000), TCP Even though they have the same address, they are different *entries*, so different IPv6 sources will hash into them. I'm assuming this is not going to be much of a problem because it rarely happens. f-args doesn't do anything anymore, and it's marked as deprecated. The code still falls back to attempt to use the next entry if it can't find a valid transport in the original, which I think is a little better than giving up altogether. On Fri, Apr 21, 2023 at 8:41 PM Alberto Leiva <[email protected]> wrote: > > Actually, that's a great idea. I'll try implementing it over the weekend. > > On Thu, Apr 20, 2023 at 10:57 AM Ondřej Caletka <[email protected]> wrote: > > > > On 20/04/2023 17:07, Alberto Leiva wrote: > > >> Or perhaps even change the pool4 > > >> allocation algorithm so that it tries to stick to one IPv4 address for > > >> one source address and just randomize ports used. > > > But how is this different from f-args 8? > > > > If I understand the docs correctly, algorithm of Jool treats pool4 as a > > flat list of (IPv4, port) tuples. The F-function is run and its result > > chooses one of the tuples. If that one is in use, a possibly CPU-intense > > algorithm is run to find a free tuple adjacent to the one chosen by F. > > > > That is, with f-args=8, every session originated from the same IPv6 > > source address will always try to select one particular tuple. So every > > second and further session from the same host will trigger this > > collision resolution process. > > > > What I would like to see instead would be to use F with f-args=8 only to > > select IPv4 address. Once it is selected, another F could be run, this > > time with f-args=15 (or 7) to select a port within that IPv4 address. > > This way it would be guaranteed that one IPv6 address is always masked > > behind one IPv4 address and at the same time there would be less collisions. > > > > But maybe I'm just too scared of the collision resolving algorithm :) > > > > -- > > Cheers, > > > > Ondřej Caletka _______________________________________________ Jool-list mailing list [email protected] https://mail-lists.nic.mx/listas/listinfo/jool-list
