In article
<CAKrYomi-jsmwztRhR7ZR2Mf8vRGy3_nZVSFVhVip4ZtnVOPP=g...@mail.gmail.com>,
Ryota Ozaki <ozak...@netbsd.org> wrote:
>Hi,
>
>As I promised somewhere, I'm trying to use
>lltable/llentry, which were introduced for ARP
>while ago, for NDP as well.
>
>Here is a patch:
>http://www.netbsd.org/~ozaki-r/lltable-ndp.diff
>
>
>Unlike ARP case, the old data structure (llinfo_nd6)
>is similar to new one (llentry) and there isn't
>so much radical changes (compared to ARP case).
>
>One noticeable change is for neighbor cache GC
>mechanism that was introduced to prevent IPv6 DoS
>attacks. net.inet6.ip6.neighborgcthresh was the max
>number of caches that we store in the system. After
>introducing lltable/llentry, the value is changed
>to be per-interface basis because lltable/llentry
>stores neighbor caches in each interface separately.
>And the change brings one degradation; the old GC
>mechanism dropped exceeded packets based on LRU
>while the new implementation drops packets in order
>from the beginning of lltable (a hash table + linked
>lists). It would be improved in the future.
>
>Any comments and suggestions are appreciated.
+#ifdef __FreeBSD__
+ IN6_IFADDR_RLOCK();
+ LIST_FOREACH(ia, IN6ADDR_HASH(addr), ia6_hash) {
+#endif
+ for (ia = in6_ifaddr; ia; ia = ia->ia_next) {
That should be:
#ifdef __FreeBSD__
IN6_IFADDR_RLOCK();
LIST_FOREACH(ia, IN6ADDR_HASH(addr), ia6_hash)
#else
for (ia = in6_ifaddr; ia; ia = ia->ia_next)
#endif
{
return (foo) -> return foo
christos
