[RTEMS Project] #4621: libbsd/ipsec: ipsec-tools allocate big buffers
RTEMS trac
trac at rtems.org
Thu Feb 24 09:13:03 UTC 2022
#4621: libbsd/ipsec: ipsec-tools allocate big buffers
--------------------------------+---------------------------------
Reporter: Christian Mauderer | Owner: Christian Mauderer
Type: enhancement | Status: closed
Priority: normal | Milestone:
Component: network/libbsd | Version:
Severity: minor | Resolution: fixed
Keywords: | Blocked By:
Blocking: |
--------------------------------+---------------------------------
Comment (by Christian Mauderer <christian.mauderer@…>):
In [changeset:"330f65f987c312c74ee473de1acd250bf0ca1dcb/rtems-libbsd"
330f65f9/rtems-libbsd]:
{{{
#!CommitTicketReference repository="rtems-libbsd"
revision="330f65f987c312c74ee473de1acd250bf0ca1dcb"
ipsec-tools: Reduce allocated buffer size
By default, pfkey allocates a 2MB buffer that is used for SPD entries.
This size is a good choice for a server system where a lot of clients
should be handled. But on our embedded systems, an application with that
much clients is unlikely and 2MB is a lot of space. So reduce that to
the default value of 128kB which should be enough for a small number of
ipsec connections.
See https://bugzilla.redhat.com/show_bug.cgi?id=607361 for more details
why the upstream project originally increased the size.
If someone really needs a bigger size, there is a option in the
configuration file of pfkey called `pfkey_buffer` that can overwrite
this value.
Closes #4621
}}}
--
Ticket URL: <http://devel.rtems.org/ticket/4621#comment:2>
RTEMS Project <http://www.rtems.org/>
RTEMS Project
More information about the bugs
mailing list