distro/packaging: - (issue) check why systemd doesn't let me set scheduler priority fixed for systemd unit file, LSB init + systemd still fails https://bugzilla.redhat.com/show_bug.cgi?id=893015 link/host level: - (issue) implement packet fragmentation?, is the only solution to avoid conflicts with tun/tap mtu setting and various others buffer sizes. - (issue) sort out read buf from recv_from_links since it might be too small vs sending out 128k (+header+encryption+....). this is also related to max PMTU - (rfe) compress: should only compress user data, we will add a bit in the data header to indicate if the pckt is compressed or not (save time). this approach allow runtime change of compress. open questions are: methods? level? zlib? lzo? bz? lzma? xz? how much do we save by compressin our header? compress must happen before encrypt we can express compress data in packet type without adding extra flags to the headers. DATA -> BZ/GZDATA and we can change that right before encrypting. Using a similar approach to PING_MASK - (rfe) crypto: expand API to support dual key for rekey process - (rfe) link id made optional? right now we need the link id to match on both sides of the connection. this is somewhat annoying from a user perspective. Evaluate if we can make it optional. - (rfe) make hostid autogenerated in a consistent way? - (issue) need bind to interface for dynamic ip local interfaces vs src ip address or find a way to autodetect the new ip on that interface (listen to kernel netlink?) - (issue) must implement link auth via user/passwd. This is necessary in case key is leaked. - (rfe) Check IPV6_NEXTHOP for v6 sockets and find equivalent for v4 (Jesper?) this would allow using one IP address as destination via multiple links - (rfe) add statistics at different levels (pckt per host/link, bytes, crypto overhead, frame overhead, pure data...) - (rfe) link connection access-list (chrissie has working generic code for this one, needs merging and API) - (rfe) improve host-to-host communication. Right now I am not satisfied with the current implementation, even if it works. - (rfe) implement link switching via scoring system based on: 1) latency 2) priority (auto/manual) 3) usage (over XX% traffic start RR) 4) flapping of the links (time/sec) this requires complex rules setting and a super efficent way to look up destination links 5) if links are stable, reduce the number of links in a-a min 2 - (rfe) benchmark tests for all critical paths in switching threads - (rfe) network convergence protocol (host exchange) - (rfe) reswitching of packets - (rfe) look into UDP+ECN bit set to avoid overloading sockets? libknet: - (issue) review logging policy/levels in public api call example is scanning for active links in a host that would return a half gazzillion useless log entries - (issue) add .3 man pages libtap: - (rfe) consider adding dhcp support for tap device it can be done now via up.d/ scripts, but it's not intuitive - (issue) add .3 man pages - (issue) improve tests to cover thread safety and better error codes specially from the up/down handling. - (issue) if mtu on tap is < 1280, the kernel will remove permanently any IPv6 address from the interface and they won't come back even if MTU raises again > 1280. Need a check/store/restore data here to trigger IPv6 auto-readd kronostnetd: - (issue) potential annoying race between knetd setting up the tap device with default MTU and getting back the PMTUd value - (issue) beside the code that is as bad as it can possibly be and will make you wish to have a tea spoon handy to carve your eyeballs out, the vty needs a good clean/rewrite - (rfe) add logging config (per subsystem/global) - (issue) missing output from several command execution failures in vty mode - (issue) fix check_param for ip/prefix/crypto (this is part of the rewrite as it needs more clever arg parsing code/method) - (rfe) split vty_cmd_files to be smaller. it's just too big to handle nicely. - (rfe) add equivalent of "description: ...." to various levels - (issue) fix config file format. current one will make you scream - (rfe) add optional options. right now it's necessary to specify everything all the time. - (rfe) implement tab completion on options general: - (rfe) check code with coverity - (issue) missing unit tests on many many bits - (issue) missing docs of all kind, devel, users, admin guide.