On Sat, Nov 21, 2015 at 12:49 AM, Christos Zoulas <chris...@astron.com> wrote: > In article > <CAKrYomi-jsmwztRhR7ZR2Mf8vRGy3_nZVSFVhVip4ZtnVOPP=g...@mail.gmail.com>, > Ryota Ozaki <ozak...@netbsd.org> wrote: >>Hi, >> >>As I promised somewhere, I'm trying to use >>lltable/llentry, which were introduced for ARP >>while ago, for NDP as well. >> >>Here is a patch: >>http://www.netbsd.org/~ozaki-r/lltable-ndp.diff >> >> >>Unlike ARP case, the old data structure (llinfo_nd6) >>is similar to new one (llentry) and there isn't >>so much radical changes (compared to ARP case). >> >>One noticeable change is for neighbor cache GC >>mechanism that was introduced to prevent IPv6 DoS >>attacks. net.inet6.ip6.neighborgcthresh was the max >>number of caches that we store in the system. After >>introducing lltable/llentry, the value is changed >>to be per-interface basis because lltable/llentry >>stores neighbor caches in each interface separately. >>And the change brings one degradation; the old GC >>mechanism dropped exceeded packets based on LRU >>while the new implementation drops packets in order >>from the beginning of lltable (a hash table + linked >>lists). It would be improved in the future. >> >>Any comments and suggestions are appreciated. > > +#ifdef __FreeBSD__ > + IN6_IFADDR_RLOCK(); > + LIST_FOREACH(ia, IN6ADDR_HASH(addr), ia6_hash) { > +#endif > + for (ia = in6_ifaddr; ia; ia = ia->ia_next) { > > That should be: > #ifdef __FreeBSD__ > IN6_IFADDR_RLOCK(); > LIST_FOREACH(ia, IN6ADDR_HASH(addr), ia6_hash) > #else > for (ia = in6_ifaddr; ia; ia = ia->ia_next) > #endif > { > > return (foo) -> return foo
Thanks. Fixed. ozaki-r
