From owner-freebsd-net@FreeBSD.ORG Sat Jan 17 02:16:11 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B543016A4CE for ; Sat, 17 Jan 2004 02:16:11 -0800 (PST) Received: from phantom.cris.net (phantom.cris.net [212.110.130.74]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7527243D4C for ; Sat, 17 Jan 2004 02:16:07 -0800 (PST) (envelope-from ru@FreeBSD.org.ua) Received: from phantom.cris.net (ru@localhost [127.0.0.1]) by phantom.cris.net (8.12.10/8.12.10) with ESMTP id i0HAGljm018643; Sat, 17 Jan 2004 12:16:47 +0200 (EET) (envelope-from ru@FreeBSD.org.ua) Received: (from ru@localhost) by phantom.cris.net (8.12.10/8.12.10/Submit) id i0HAGlSt018638; Sat, 17 Jan 2004 12:16:47 +0200 (EET) (envelope-from ru) Date: Sat, 17 Jan 2004 12:16:46 +0200 From: Ruslan Ermilov To: Xin LI Message-ID: <20040117101646.GD18084@FreeBSD.org.ua> References: <042601c3dcb0$de90c410$0401a8c0@phantasm205> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="gMR3gsNFwZpnI/Ts" Content-Disposition: inline In-Reply-To: <042601c3dcb0$de90c410$0401a8c0@phantasm205> User-Agent: Mutt/1.5.5.1i cc: freebsd-net@freebsd.org Subject: Re: Newbie question: is net.inet.ip.fastforwarding intended for routers only? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 17 Jan 2004 10:16:11 -0000 --gMR3gsNFwZpnI/Ts Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Jan 17, 2004 at 12:17:48PM +0800, Xin LI wrote: > As title. To my imagination (I have taken a sight on the kernel networking > code), the fastforwarding path is intended for routers only, so if I want > some functionalities, for example, NAT, the fastforwarding is not useful, > and my experiment shows that if I enable it, ipfilter's NAT will be broke= n. > Am I right? >=20 > Thanks in advance! >=20 Worse. From the inet(4) manpage, : IPCTL_FASTFORWARDING (ip.fastforwarding) Boolean: enable/disable the use : of fast IP forwarding code. Defaults to off. When : fast forwarding is enabled, IP packets are for- : warded directly to the appropriate network inter- : face with a minimal validity checking, which : greatly improves the throughput. On the other : hand, they bypass the standard procedures, such as : IP option processing and ipfirewall(4) checking. : It is not guaranteed that every packet will be : fast-forwarded. Cheers, --=20 Ruslan Ermilov FreeBSD committer ru@FreeBSD.org --gMR3gsNFwZpnI/Ts Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFACQuOUkv4P6juNwoRAtZhAJ0QxgZHRigzVaQEWPUTVZn3N3TjoACbBY3N MK58toXTnYWdT8mxYcidt3E= =T8Rl -----END PGP SIGNATURE----- --gMR3gsNFwZpnI/Ts--