Alternative validators
Closed, WontfixPublicFEATURE REQUEST
Actions

Assigned To

Authored By

	Viacheslav
	Jun 19 2022, 9:46 AM

Description

We can decrease validation time for some validators with go

Standard validator ipv4-range

vyos@r14# time sudo sh -c ' for ((n=0;n<10000;n++)); do  /usr/libexec/vyos/validate-value  --exec /usr/libexec/vyos/validators/ipv4-range --value "192.0.2.1-192.0.2.100"; done'

real	0m48.825s
user	0m26.534s
sys	0m23.904s
[edit]
vyos@r14#

The same validator in PoC go

vyos@r14# time sudo sh -c ' for ((n=0;n<10000;n++)); do  /usr/libexec/vyos/validate-value  --exec /usr/libexec/vyos/validators/ipv4-range-go --value "192.0.2.1-192.0.2.100"; done'

real	0m27.069s
user	0m12.814s
sys	0m14.784s
[edit]
vyos@r14#

There is an example of code:

$ cat ipv4-range.go
package main

import (
    "net"
    "os"
    "strings"
    "math/big"
)

var (
    hosts = os.Args[1]
)


func IP4toInt(IPv4Address net.IP) int64 {
    IPv4Int := big.NewInt(0)
    IPv4Int.SetBytes(IPv4Address.To4())
    return IPv4Int.Int64()
}

func IsIPv4(ip string) bool {
    if net.ParseIP(ip) == nil {
        return false
    }
    return true
}

func main() {
    dash := strings.Contains(hosts, "-")
    if dash == false {
        os.Exit(1)
    }

    lines := strings.Split(hosts, "-")
    first, second := string(lines[0]), string(lines[1])

    dec_first := IP4toInt(net.ParseIP(first))
    dec_second := IP4toInt(net.ParseIP(second))

    if dec_first  >= dec_second  {
        os.Exit(1)
    }

    for _, host := range lines {
        if IsIPv4(host) == false {
            os.Exit(1)
        }
    }
}

Some comparisons:
https://programming-language-benchmarks.vercel.app/python-vs-go
https://programming-language-benchmarks.vercel.app/go-vs-ocaml

Details

Difficulty level: Unknown (require assessment)
Version: 1.4
Why the issue appeared?: Will be filled on close
Is it a breaking change?: Unspecified (possibly destroys the router)
Issue type: Feature (new functionality)

Event Timeline

Viacheslav created this task.Jun 19 2022, 9:46 AM

Viacheslav updated the task description. (Show Details)Jun 19 2022, 10:07 AM

Viacheslav changed Version from - to 1.4.

PR https://github.com/vyos/vyos-1x/pull/1365

pasik added a subscriber: pasik.Jun 19 2022, 6:27 PM

Potentially slow validators:

src/validators/interface-address:ipaddrcheck --is-ipv4-host $1 || ipaddrcheck --is-ipv6-host $1 
src/validators/ip-address:ipaddrcheck --is-any-single $1
src/validators/ip-cidr:ipaddrcheck --is-any-cidr $1
src/validators/ip-host:ipaddrcheck --is-any-host $1
src/validators/ip-prefix:ipaddrcheck --is-any-net $1
src/validators/ipv4:ipaddrcheck --is-ipv4 $1
src/validators/ipv4-address:ipaddrcheck --is-ipv4-single $1
src/validators/ipv4-host:ipaddrcheck --is-ipv4-host $1
src/validators/ipv4-multicast:ipaddrcheck --is-ipv4-multicast $1 && ipaddrcheck --is-ipv4-single $1
src/validators/ipv4-prefix:ipaddrcheck --is-ipv4-net $1
src/validators/ipv4-range:  ipaddrcheck --is-ipv4-single ${strarr[0]}
src/validators/ipv4-range:  ipaddrcheck --is-ipv4-single ${strarr[1]}
src/validators/ipv6:ipaddrcheck --is-ipv6 $1
src/validators/ipv6-address:ipaddrcheck --is-ipv6-single $1
src/validators/ipv6-host:ipaddrcheck --is-ipv6-host $1
src/validators/ipv6-multicast:ipaddrcheck --is-ipv6-multicast $1 && ipaddrcheck --is-ipv6-single $1
src/validators/ipv6-prefix:ipaddrcheck --is-ipv6-net $1

The PR was rejected but the task was never closed, closing now.

Alternative validatorsClosed, WontfixPublicFEATURE REQUESTActions

Description

Details

Event Timeline

Alternative validators
Closed, WontfixPublicFEATURE REQUEST
Actions