Netlink Transactions for IPsec control operations
Bug #704513 reported by
Stefan Götz
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| HIPL |
Confirmed
|
Medium
|
Unassigned | ||
Bug Description
Currently, HIPL controls IPsec SAs and SPs in the kernel via the netlink interface and sends each command individually.
An alternative would be to queue up multiple, possibly related netlink messages and send them to the kernel in a single packet (i.e., a 'transaction').
This alternative is likely to perform better (although the impact is probably not dramatic) and may be desirable for seamless handover scenarios where the more atomic nature of such a transaction could be beneficial.
Just an idea for the future.
| Changed in hipl: | |
| status: | New → Opinion |
Revision history for this message
| Miika Komu (miika-iki) wrote | #1 |
| Changed in hipl: | |
| importance: | Undecided → Low |
| status: | Opinion → New |
Revision history for this message
| René Hummen (rene-hummen) wrote | #2 |
| Changed in hipl: | |
| importance: | Low → Medium |
| status: | New → Confirmed |
To post a comment you must log in.
Hi,
I think it would be far more important to support e.g. threads than do this kind of micro-optimization. Also, I think fixing this important bug will invalidate this bug id:
https:/
So I would suggest to change the status of this bug already now to invalid?