Date: Tue, 09 Dec 2008 09:31:59 -0800 From: Julian Elischer <julian@elischer.org> To: Angelo Turetta <aturetta@commit.it> Cc: freebsd-net@freebsd.org Subject: Re: Multiple routing table clarification Message-ID: <493EAB8F.7090509@elischer.org> In-Reply-To: <493E66BD.6090907@commit.it> References: <493E66BD.6090907@commit.it>
next in thread | previous in thread | raw e-mail | index | archive | help
Angelo Turetta wrote: > I need to run squid, serving different networks with different > (potentially conflicting) IP address schemes. > > I read the original implementation notes for setfib/multiple routing > tables: > http://perforce.freebsd.org/fileViewer.cgi?FSPC=//depot/user/julian/routing/plan.txt > > > and I would like to ask for some clarifications: > > - is it possible for a single process to listen for TCP connections > using more than one socket, each with its own 'fib'? yes, but only if you have source. you need to do a setsockopt(SOO_SETFIB,...) on each socket before you do the listen(). Otherwise all socekts from the same process get the same fib. > > - if I use ipfw rules to tag incoming traffic, can I force the fib on a > incoming TCP connection to be different from the fib of the > process/socket listening for that connection? no, the fib for a socket is set by the process that does the listen. HOWEVER I have been asked to add a feature where setting a fib of -1 on a socket will allow it to get its fib from the incoming SYN packet.. Ithink that would bewhat you are asking for. > > Thanks for any help (oh, BTW, if somewhere more detailed howto/doc about > this feature can be found, please forward any pointers) man 2 setsockopt man 1 setfib man 2 setfib > > Angelo. > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?493EAB8F.7090509>