On Mon, 2006-31-07 at 17:49 -0700, Roland Dreier wrote: > David> Why is this a relevant analogy? Well, you have physical > David> hard-disks in your computer today, but at some point that > David> device becomes largely superfluous. It makes more sense to > David> have just a cpu with a 10-gigabit ethernet interface > David> incorporated onto the cpu die, and the majority if not all > David> of your disk access is remote. > > Isn't most of the iSCSI control plane in userspace right now?
I know iscsi is supposed to integrate with ipsec as well (and SLP for discovery) - does that happen in user space as well? Dave (I am under heavy flu dose, so I may be incoherent;->) but heres a devils advocate bit for you: TCP FIN/SYN are just control packets - so move the connection setup/teardown out to user space;->. You can then add all sorts of funky DOS detection/prevention schemes as needed - makes it easy to experiment with. Actually move the slow path as well, SACK processing etc (i know it is in process context today, but thats in the kernel). Just leave VJs fast path in the kernel. Extend the user space bit to be the new VJ (channels stuff but just for control) - asynch notification to carry the control/slow path packets to user space. In regards to ARP/NDISC being in user space: note people are talking about secure DHCP or some form of initial pre-layer2 addressing over EAP or something along those lines; i.e if you are not securely validated at the L2 level you are not even getting an IP address. In regards to reliability: The thing that really fscks people using daemons from what i have seen is the oom killer policies and the lack of correlation by apps. I just watched quagga die horribly on a 256M machine on friday once we hit around 100K routes and a lot of route cache hits. So apps like that may need a total rewrite. I am not looking forward to trying to get racoon to do 50K SAs and 100K SPDs on the same machine ;-> I think I like what Hugo is saying ;-> I just hope he has time and resources to produce code. cheers, jamal - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
