Re: [PATCH] Shortening scan time with SO_DONTROUTE

[Kris Katterjohn <katterjohn () gmail com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 01/04/2009 10:45 PM, Fyodor wrote:
> On Thu, Jan 01, 2009 at 02:10:50AM -0600, Kris Katterjohn wrote:
> > So is there any reason not to put this in?  This doesn't fall in line with the
> > big improvements David's been making in his -perf branch, but this certainly
> > seems to help.
>
> Hi Kris.  I tested your patch and it did work.  My quick tests showed
> a slight increase in performance too--a 65K port scan of a machine on
> my local network went from taking 2.34s (average of four tries) to
> 2.135s.  So almost .2s.  This is sort of the best case situation for
> this patch, where it is on a fast local network and none of the target
> ports are filtered.
>
> But I'm worried that this rarely used option could cause trouble in
> various weird networking situations.  For example, one of David's
> recent patches fixed a really strange Mac routing issue.  So I think
> it may be over-optimizing.  If it would save a lot of time on the slow
> scans, I'd be all for it!  But speeding a 2.3s scan to 2.1s is mostly
> only good for bragging rights.  And it will be a pain for users (and
> us to debug) if it does cause problems.

Thanks for testing this out.

I figured a ~10% increase in speed simply by setting an old socket option was
sweet, even if it's a small increase in real time.  But you of course bring up
a good point about it having some potential to cause problems in different
situations.

> So unless we see people who really want it, I don't think we should
> put it in the trunk.  But it is still good that you sent the patch so
> that anyone who wants to can put it in their personal copy of Nmap.
> Or maybe someone will find a strong argument for why we should put it
> in.  It is worth testing these sorts of things out.

Yeah, I like to test things like this out: especially when they actually
produce some material difference.

> Cheers,
> -F

Thanks,
Kris Katterjohn

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQIcBAEBAgAGBQJJYaukAAoJEEQxgFs5kUfuoxsP/A0+/gl6iH/uymE1RCIn//h7
g+wySF4kFvmFL+E9X+lZvdklYTy7f9yG43I8cssiNubGhCOGyytKyKutTjNmgBs8
bn0LtazrwFzpCLqU4/02wxe4G8yKLbXmw+OLPiyI0lsKloMH3yEArArV+k83sipl
LKv7XlJtSSp0ZsFqvXF9KUJTuipW8I+zv6NoA69tIz5mC01see29rLvcA8LiHWWB
k/XGpDHWbeVVtDwBn3GB4mmzGto164I4Cd4Y58/U9JR8gOQ6Ilf3jMvxv+k3xKYU
kWB0PHJ0Bqjd8L9k9OG+6gXl7JgIdFmfIMKgw4WwvE+a9LgS5Pom9GA369JNk/GA
ETCnVm81RQyJrSXx194SPiwc2/5SSvAZtOp1Nd7Jfx+K4/8Rbs85fnT7cIsn147E
G4pz2WVqZza97nMTPaUD7IBK4HQPIiD3syXJXbdlH9SCtlKnXA4M/GKhFkRYmzfq
da7EkjaJvW52OErKM7jfEHxNJcKLoVRIkwikJeuIxi4l8zC0u9rS577NlapcgPeY
7lqQb2CixMzuTpkBcMh/rwHtspo9eWfp+FNBGNqoqcrjYo9InAxxSYptxWxs34js
fjqsUEiXSnsATKc92ZVdS+kkAx92/SbyF2VqNyQpBBKJ7nnghVkRRvqJxpJRoSvy
8fMgFFv7nfw/ilShIjAH
=npA4
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org