Re: iked(8): Increase the default Child SA data lifetime limit

Vitaliy Makkoveev wrote: > > ssh_packet_need_rekeying() appears to have some nice decisions. The > > idea is to rekey based upon time, primarily. > > It does the same: the two limits and rekying starts when you exceeded > any of them. But in the ssh case we have no massive traffic load, so we

Re: iked(8): Increase the default Child SA data lifetime limit

> On 3 Aug 2021, at 04:22, Theo de Raadt wrote: > > Joerg Sonnenberger wrote: > >> On Tue, Aug 03, 2021 at 01:12:54AM +0300, Vitaliy Makkoveev wrote: >>> Index: sbin/iked/types.h >>> === >>> RCS file: /cvs/src/sbin/iked/types.h,v

Re: iked(8): Increase the default Child SA data lifetime limit

Joerg Sonnenberger wrote: > On Tue, Aug 03, 2021 at 01:12:54AM +0300, Vitaliy Makkoveev wrote: > > Index: sbin/iked/types.h > > === > > RCS file: /cvs/src/sbin/iked/types.h,v > > retrieving revision 1.43 > > diff -u -p -r1.43

Re: iked(8): Increase the default Child SA data lifetime limit

On Tue, Aug 03, 2021 at 01:12:54AM +0300, Vitaliy Makkoveev wrote: > Index: sbin/iked/types.h > === > RCS file: /cvs/src/sbin/iked/types.h,v > retrieving revision 1.43 > diff -u -p -r1.43 types.h > --- sbin/iked/types.h 13 May 2021

iked(8): Increase the default Child SA data lifetime limit

iked(8) uses 3 hours and 512 megabytes of processed data as default lifetime hard limits for Child SA. Also it sets 85-95% of these values as soft limit. iked(8) should perform rekeying before we reach hard limit otherwise this SA will be killed and the tunnel stopped. With default values the

Re: [patch] dhcpleased(8): No new lease when trunk(4) failover

On Mon, Aug 02, 2021 at 11:36:47PM +0200, Jesper Wallin wrote: > On Mon, Aug 02, 2021 at 08:28:00PM +0200, Florian Obser wrote: > > On 2021-07-28 23:02 +02, Jesper Wallin wrote: > > > Hi tech@ > > > > > > I've setup my machine to use trunk(4) with re(4) and iwm(4) as failover, > > > to make life

Re: [patch] dhcpleased(8): No new lease when trunk(4) failover

On Mon, Aug 02, 2021 at 08:28:00PM +0200, Florian Obser wrote: > On 2021-07-28 23:02 +02, Jesper Wallin wrote: > > Hi tech@ > > > > I've setup my machine to use trunk(4) with re(4) and iwm(4) as failover, > > to make life easier when switching between wired and wireless > > networking. The wired

Re: [patch] dhcpleased(8): No new lease when trunk(4) failover

On 2021-07-28 23:02 +02, Jesper Wallin wrote: > Hi tech@ > > I've setup my machine to use trunk(4) with re(4) and iwm(4) as failover, > to make life easier when switching between wired and wireless > networking. The wired network at home is on a different subnet from > the wireless network, so

date -j and seconds since the Epoch

Hi, Bryan Vyhmeister found a strange behavior in date(1): # date -f %s -j 1627519989 Thu Jul 29 01:53:09 PDT 2021 # date -u -f %s -j 1627519989 Thu Jul 29 00:53:09 UTC 2021 Looks like PDT is GMT-1, which of course is wrong. The problem arises from the -f

Re: Do not spin on the NET_LOCK() in kqueue

On 29/07/21(Thu) 15:36, Alexander Bluhm wrote: > > > New diff fixing a locking dance pointed out by visa@. > > Not tested this one yet. But here is a combination of all the > others. > > http://bluhm.genua.de/perform/results/2021-07-27T07:41:29Z/perform.html Thanks for testing. These tests