Linux as strong end host

Discussion in 'Linux Networking' started by dspfun, Apr 27, 2012.

  1. dspfun

    Jorgen Grahn Guest

    I still don't get it. In your original posting you wrote:

    When using Linux as an ES (End System), Linux can be configured/used
    as supporting either the "Strong ES Model" or the "Weak ES Model".
    The default for a Linux ES is the "Weak ES Model".

    What's the source for that claim, and why doesn't it also explain
    /how/ this configuration is done? (I assume "you can rewrite the IP
    stack yourself" wasn't what the source meant, because that's trivially
    true and not very practical.)

    Jorgen Grahn, May 2, 2012
    1. Advertisements

  2. dspfun

    dspfun Guest

    In Linux it (strong end) can be configured by setting up routing,
    firewall rules, and arp.
    But would it be beneficial (performance, ease of use, etc.) to have
    this built in to the Linux networking stack so it can easily be
    configured by a "simple flag"?
    dspfun, May 2, 2012
    1. Advertisements

  3. dspfun

    dspfun Guest

    With configuration I basically meant configuring/setting up source
    based routing, filtering, arp, etc.

    dspfun, May 2, 2012
  4. No. It is't as flexible then, and the audience needing such a setup is
    simply too small to warrant such a setup built in.
    And a "simple flag" isn't enough, that setup needs configuring, too.
    Peter Köhlmann, May 3, 2012
  5. dspfun

    dspfun Guest

    What kind of flexibility do mean would be missing? As stated earlier
    in the thread a similar flags exist in other networking stacks.

    Regarding the audience, I guess any network equipment vendor who is
    running/using the Linux networking stack for end systems (i.e. hosts)
    would need to have strong end in order to have "control"/"determinism"
    of where/how the traffic is flowing. Probably others as well.

    The flag would only be for strong end-ifying the Linux host. What
    other configuring do you mean would be needed except for this flag?

    dspfun, May 3, 2012
  6. Fine. One would still not have the flexibility to switch it on/off when
    Still representing only a tiny minority of linux users
    Well, you still need the "control of where/how the traffic is flowing"
    You can't control that with a simple flag

    Since this control is already part of the firewall rules, why on earth do
    you want to add *another* means to an end?
    The computing power needed to do that would be about the same as if built in
    directly into the kernel
    Peter Köhlmann, May 3, 2012
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.