Date: Fri, 21 Jun 2013 14:13:38 +0400
From: Gleb Smirnoff
To: Ermal Luçi
Cc: svn-src-projects@freebsd.org, src-committers@freebsd.org
Subject: Re: svn commit: r251993 - in projects/pf/head/sys: net netpfil/pf
Message-ID: <20130621101338.GV1214@FreeBSD.org>

On Fri, Jun 21, 2013 at 10:47:44AM +0200, Ermal Luçi wrote:
E> Yeah but what makes it so hard to be runtime configurable!
E> It's just a hash mask, no?

It is possible, but hard. You need to copy from old hash to new hash, which can take a long time.
Blocking entire pf for this procedure isn't a feasible option. Thus, you need to do that in parallel with packet processing, and packet processing shouldn't encounter state mismatches, so it should look into both hashes: the old one and the new one. And in the perfect case this shouldn't add overhead on normal processing.

E> dummynet already does runtime changing as an example of components using
E> hash and runtime configurable.

Dummynet is very different.

-- 
Totus tuus, Glebius.
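
Added example, not part of the message above and not pf's code: a single-threaded C sketch of the approach the reply describes, where lookups consult both the old and the new hash while buckets are migrated one at a time. All names (`old_t`, `new_t`, `resize_step` and the rest) are hypothetical, and locking and allocation-failure handling are omitted.

```c
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical toy state table (not pf's structures); locking is omitted. */
struct state { uint32_t key; struct state *next; };
struct table { struct state **b; uint32_t mask; };
static struct table old_t, new_t;  /* new_t.b is NULL unless a resize is running */
static uint32_t migrate_pos;       /* next old bucket to migrate */
static void table_init(struct table *t, uint32_t size) { /* size: power of two */
    t->b = calloc(size, sizeof(*t->b));
    t->mask = size - 1;
}
static void link_into(struct table *t, struct state *s) {
    s->next = t->b[s->key & t->mask];
    t->b[s->key & t->mask] = s;
}
/* While a resize runs, new states are inserted only into the new table. */
static void insert(struct state *s) { link_into(new_t.b ? &new_t : &old_t, s); }
static struct state *find_in(struct table *t, uint32_t key) {
    for (struct state *s = t->b[key & t->mask]; s != NULL; s = s->next)
        if (s->key == key) return s;
    return NULL;
}
/* Packet path: one pointer test when idle, probes both tables while resizing. */
static struct state *lookup(uint32_t key) {
    struct state *s = new_t.b ? find_in(&new_t, key) : NULL;
    return s ? s : find_in(&old_t, key);
}
static void resize_start(uint32_t size) { table_init(&new_t, size); migrate_pos = 0; }
/* Move one old bucket per call; returns 1 while work remains, 0 when done. */
static int resize_step(void) {
    if (new_t.b == NULL) return 0;
    for (struct state *s = old_t.b[migrate_pos], *n; s != NULL; s = n) {
        n = s->next;
        link_into(&new_t, s);
    }
    old_t.b[migrate_pos] = NULL;
    if (migrate_pos++ < old_t.mask) return 1;
    free(old_t.b);                 /* every bucket moved: retire the old table */
    old_t = new_t;
    new_t.b = NULL;
    return 0;
}
int main(void) {
    static struct state a = { 5, NULL }, b = { 9, NULL };
    table_init(&old_t, 4); insert(&a); resize_start(16); insert(&b);
    while (resize_step() && lookup(5) == &a && lookup(9) == &b) continue;
    return (lookup(5) == &a && lookup(9) == &b) ? 0 : 1;
}
```

In a kernel the hard part the reply points at remains: doing the per-bucket move under per-bucket locks so that a concurrent lookup never observes a state in neither table.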