xfrm_sync.txt - OpenGrok cross reference for /linux-4.4.14/Documentation/networking/xfrm

Lines Matching refs:to
6 The end goal for syncing is to be able to insert attributes + generate
7 events so that the an SA can be safely moved from one machine to another
9 The idea is to synchronize the SA so that the takeover machine can do
10 the processing of the SA as accurate as possible if it has access to it.
12 We already have the ability to generate SA add/del/upd events.
13 These patches add ability to sync and have accurate lifetime byte (to
14 ensure proper decay of SAs) and replay counters to avoid replay attacks
19 it is possible for a lot of the events to be generated.
20 For this reason, we also add a nagle-like algorithm to restrict
21 the events. i.e we are going to set thresholds to say "let me
26 The identified items that need to be synchronized are:
58 flags are used to indicate different things. The possible
72 The pid will be set appropriately in netlink to recognize direction
73 (0 to the kernel and pid = processid that created the event
74 when going from kernel to user space)
76 A program needs to subscribe to multicast group XFRMNLGRP_AEVENTS
77 to get notified of these events.
91 This TLV carries the threshold being used by the kernel to trigger events
96 value to rate limit the events.
102 at least one listener registered to listen to the multicast
105 Programs installing SAs will need to specify the two thresholds, however,
106 in order to not change existing applications such as racoon
112 used to provide default values for the XFRMA_ETIMER_THRESH in incremental
116 used to provide default values for XFRMA_REPLAY_THRESH parameter
130 b) XFRM_MSG_NEWAE is issued by either user space to configure
131 or kernel to announce events or respond to a XFRM_MSG_GETAE.
133 i) user --> kernel to configure a specific SA.
136 A response is issued back to the sender in user space to indicate success
139 XFRM_MSG_NEWAE is also issued to any listeners as described in iii).
141 ii) kernel->user direction as a response to XFRM_MSG_GETAE
146 iii) kernel->user to report as event if someone sets any values or
148 In such a case XFRM_AE_CU flag is set to inform the user that
152 iv) kernel->user to report event when replay threshold or a timeout
155 happened) is set to inform the user what happened.
159 Exceptions to threshold settings
167 to be reached. This is done for simplicity and efficiency reasons.