ESFQ''s original hashing algorithm never worked particularly well for the src or dst hash types: close IP addresses, such as 10.0.0.1 and 10.0.0.2 often hashed to the same number, even with many different perturbation values. This prevented the src and dst hash types from working adequately with small and medium-sized network ranges. A while ago, I added the src_direct and dst_direct hash types in an effort to work around the collision problem. The direct hash types were collision-free if handled properly. Unfortunately, they only worked properly for relatively small ranges of input, and as such required some care in usage. I have now (finally) converted ESFQ to use jhash, which is far easier to use than I had ever thought. Collisions are still possible with jhash, but they occur evenly, regardless of input range or distribution--as it should be. When perturbation values are used, 10.0.0.1 and 10.0.0.2 are just as likely to collide as 1.2.3.4 and 56.78.90.123. The src_direct, dst_direct, and fwmark_direct hash type hacks are no longer useful, and I intend to deprecate them in the next release. Send me an email if you have a reason I should leave the *_direct hash types alone. Home page: http://fatooh.org/esfq-2.6/ Direct URL: http://fatooh.org/esfq-2.6/esfq-2.6.19.2.tar.gz README (also available in the tar.gz): http://fatooh.org/esfq-2.6/current/README Try it out, have fun, and if you find a bug or have a suggestion please send me an email. -Corey
Corey Hickey wrote:> ESFQ''s original hashing algorithm never worked particularly well for the > src or dst hash types: close IP addresses, such as 10.0.0.1 and 10.0.0.2 > often hashed to the same number, even with many different perturbation > values. This prevented the src and dst hash types from working > adequately with small and medium-sized network ranges. > > A while ago, I added the src_direct and dst_direct hash types in an > effort to work around the collision problem. The direct hash types were > collision-free if handled properly. Unfortunately, they only worked > properly for relatively small ranges of input, and as such required some > care in usage. > > I have now (finally) converted ESFQ to use jhash, which is far easier to > use than I had ever thought. Collisions are still possible with jhash, > but they occur evenly, regardless of input range or distribution--as it > should be. When perturbation values are used, 10.0.0.1 and 10.0.0.2 are > just as likely to collide as 1.2.3.4 and 56.78.90.123. > > The src_direct, dst_direct, and fwmark_direct hash type hacks are no > longer useful, and I intend to deprecate them in the next release. Send > me an email if you have a reason I should leave the *_direct hash types > alone. > > Home page: > http://fatooh.org/esfq-2.6/ > > Direct URL: > http://fatooh.org/esfq-2.6/esfq-2.6.19.2.tar.gz > > README (also available in the tar.gz): > http://fatooh.org/esfq-2.6/current/README > > Try it out, have fun, and if you find a bug or have a suggestion please > send me an email.Cool - I''ll try this once I get upto date. I notice the 2.6.20 version can get unnatted addresses - will/can this be made to work for ingress on ifb? Andy.