From: "Jason A. Donenfeld" <Jason@zx2c4.com>
To: Baptiste Jonglez <baptiste@bitsofnetworks.org>
Cc: WireGuard mailing list <wireguard@lists.zx2c4.com>
Subject: Re: [RFC] Handling multiple endpoints for a single peer
Date: Sun, 8 Jan 2017 23:49:18 +0100 [thread overview]
Message-ID: <CAHmME9pZLDieAabMhjDQHxpj_TDd5OLjNEUpQrraFvXA0g7gmA@mail.gmail.com> (raw)
In-Reply-To: <20170108224117.GB9445@tuxmachine.polynome.dn42>
Thanks for the proposal. Obviously the easiest solution is a userspace
decoupled one, but this might not necessarily be the most desirable.
However, it's possible the upcoming userspace event notification fd
support (epoll on an fd to learn when handshakes happen) and userspace
peer-message support (send an encrypted out of band non-IP packet
directly to a peer, for things like autoconfig) could play a nice role
in this.
But if it is in the kernel, the decision logic boils down essentially
to: there's a list of endpoints in a given order. Based on differing
metrics of success at differing points in time, the list gets
reordered, and packets are always sent to the top of the list. For
example, the list could be rotated or permutated on every handshake
retry. Or the various other RTT or routing metrics you mentioned
earlier.
However, this doesn't shine any light on the hardest problem: how to
update the list of addresses in a memory-bounded fashion. Right now,
if you receive an encrypted packet, the endpoint of that peer is
updated to the src address of that packet. With multi-endpoint, which
endpoint is updated? Is it simply appended to an ever-growing list of
recent endpoints? How to keep this clean and manageable?
next prev parent reply other threads:[~2017-01-08 22:39 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-01-08 22:41 Baptiste Jonglez
2017-01-08 22:49 ` Jason A. Donenfeld [this message]
2017-01-09 2:37 ` Samuel Holland
2017-01-09 9:26 ` Baptiste Jonglez
2017-01-15 10:12 ` Jason A. Donenfeld
2017-01-09 7:00 ` Dave Taht
2017-01-09 9:47 ` Baptiste Jonglez
2017-01-15 10:06 ` Jason A. Donenfeld
2017-01-16 15:01 ` Dan Lüdtke
2017-01-09 8:46 ` Ameretat Reith
2017-01-15 10:17 ` Jason A. Donenfeld
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAHmME9pZLDieAabMhjDQHxpj_TDd5OLjNEUpQrraFvXA0g7gmA@mail.gmail.com \
--to=jason@zx2c4.com \
--cc=baptiste@bitsofnetworks.org \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).