From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-we0-x22c.google.com (mail-we0-x22c.google.com [IPv6:2a00:1450:400c:c03::22c]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by huchra.bufferbloat.net (Postfix) with ESMTPS id 3782521F0AE for ; Mon, 24 Mar 2014 10:38:23 -0700 (PDT) Received: by mail-we0-f172.google.com with SMTP id t61so3677636wes.31 for ; Mon, 24 Mar 2014 10:38:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=hFvopG4ivQNye9L0IJoUWjx3YrEZj9I2HCymExrkU8g=; b=pHzrzv37icaG43Xjmpglj1j0/gdFAyqvxkuGYmRB1xh2LakkKXhdnML9sw1YUWMkJH IMvIybXCphwADStXTrM7oNDEyEELjBZQMCMpP6Etr+7ofFxfl8fr3LgjWLc5kveLrLNi zAcgV55nILFYQOZ2FCVxKaEs+5GqgBuJltMKIeZt9i/WkcwPOOaNxWTxRtw3GO+8NoOr 66o2zk/VBMmRgz3zjfslBJZ+M0tL6rIdqPJXRQXr4V1rv273JZfSfswX6S62h58O/lOe S0CjE5q2qKJJjJ41c65Eie/V3859xfnog+GEy1kEcq24PpGr6FT6l58zVjIc+UIEZI01 6vzg== MIME-Version: 1.0 X-Received: by 10.180.37.178 with SMTP id z18mr17720946wij.46.1395682701498; Mon, 24 Mar 2014 10:38:21 -0700 (PDT) Received: by 10.216.8.1 with HTTP; Mon, 24 Mar 2014 10:38:21 -0700 (PDT) In-Reply-To: References: Date: Mon, 24 Mar 2014 10:38:21 -0700 Message-ID: From: Dave Taht To: Rich Brown Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: cerowrt-devel Subject: Re: [Cerowrt-devel] Updates to the wiki for 3.10.32-12 X-BeenThere: cerowrt-devel@lists.bufferbloat.net X-Mailman-Version: 2.1.13 Precedence: list List-Id: Development issues regarding the cerowrt test router project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Mar 2014 17:38:23 -0000 BTW: how are you selecting the different gui? On Mon, Mar 24, 2014 at 9:32 AM, Rich Brown wrote= : > Folks, > > I updated the wiki to incorporate features of 3.10.32-12. > > - The SQM page has been updated to include current screen shots and descr= ibe the options. A question: what are the units for the Hard Limit on ingre= ss/egress? > > http://www.bufferbloat.net/projects/cerowrt/wiki/Setting_up_SQM_for_CeroW= rt_310 Usually packets, unless you are using the undocumented bfifo qdisc option. > > - The Release Notes page has been updated to mention DNSSEC and BCP38. I'= m still not clear whether DNSSEC is turned on/operational by default. What = should that page say? > > http://www.bufferbloat.net/projects/cerowrt/wiki/CeroWrt_310_Release_Note= s It's on by default, however, we MUST decide on some 100% robust method for getting time on boot before the stable release. Otherwise boxes that sit for a while before being turned on (consider boxes shipped on a boat from china) or those that can't get ntp at all will be locked out. I am enjoying the flood of ideas on this topic going by on another thread. (it would be good to broaden the thread to relevant ntp, dnssec mailing lists) > - I have added a BCP38 page to give an overview of that page. A question = that I haven't seen addressed in the commentary on the list: Does this BCP3= 8 implement also filter out spoofed source addresses? (I imagine it would, = but the pages don't specifically say so.) Depends on your definition of "spoof". 1) For example a babel node with a real IP inside of a natted network would still be accepted (and natted) on egress. Can't solve everything... 2) The implementation is capable of filtering out or accepting a large number of networks, as per bcp38. The default is basically the best that can be done for a home/natted network. Given that this is intended to give a cluebat, showing an example for a provider with a real network would be useful... > > http://www.bufferbloat.net/projects/cerowrt/wiki/CeroWrt_and_BCP38 > > Although I try to write carefully, sometimes I'm just makin' stuff up. Co= mments requested. Thanks. good work! > Rich > _______________________________________________ > Cerowrt-devel mailing list > Cerowrt-devel@lists.bufferbloat.net > https://lists.bufferbloat.net/listinfo/cerowrt-devel --=20 Dave T=E4ht Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.= html