From owner-freebsd-net@FreeBSD.ORG Sun Feb 6 00:36:56 2011 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CC61B106564A; Sun, 6 Feb 2011 00:36:56 +0000 (UTC) (envelope-from ivo.vachkov@gmail.com) Received: from mail-vx0-f182.google.com (mail-vx0-f182.google.com [209.85.220.182]) by mx1.freebsd.org (Postfix) with ESMTP id 67A3C8FC14; Sun, 6 Feb 2011 00:36:56 +0000 (UTC) Received: by vxa40 with SMTP id 40so1157647vxa.13 for ; Sat, 05 Feb 2011 16:36:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type:content-transfer-encoding; bh=BvYHlbW7LpUzw48TYiptwg4B4YchsZ/z0I5neNGARSc=; b=jh28TpNQ5rifkmEk22zEG1rb6ijNbpOPthGlZpHW7hh+KyVvC4EbI3/NXPjXXC2QiS xLuR+XibY9EiEHrzJXQnn7FGFcSo7jWAwmxQpHyIELEtTYXvQH+ccvXom/r4nL1NBs8Y WWKXep2WZ1qEfibNNSBI0MKFeN7LJl3VXX7qQ= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type:content-transfer-encoding; b=AxV9WElKOmXvB+TFtW8+13f6gQlzWWIctyS6aJG6/YgzYKswHZm3DU79fGOzBVifbn T+WTg20UFvQtiEcvHw0MlO7pYfYwI/gUnmLhuwG8jWX0CYHa0kZg5laI6+t2Cvv3kKBe m5LrWIzd0CtYYS65PmMqcNhNCZo3fNoGZtmE8= Received: by 10.220.172.9 with SMTP id j9mr3579340vcz.201.1296950983931; Sat, 05 Feb 2011 16:09:43 -0800 (PST) MIME-Version: 1.0 Received: by 10.220.193.9 with HTTP; Sat, 5 Feb 2011 16:09:23 -0800 (PST) In-Reply-To: <4D4DCD1E.1050906@freebsd.org> References: <4D4DCD1E.1050906@freebsd.org> From: Ivo Vachkov Date: Sun, 6 Feb 2011 02:09:23 +0200 Message-ID: To: Julian Elischer Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Cc: FreeBSD Net Subject: Re: divert rewrite X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Feb 2011 00:36:56 -0000 Hello, How can I help? /ipv On Sun, Feb 6, 2011 at 12:20 AM, Julian Elischer wrote= : > for some time now it has been apparent that the divert socket protocol wa= s a > little too heavily tied to IPv4. > > With IPv6 coming along now, it seems that we should look at how to extend > it. > > I see a couple of possible ways to do this: > > --- the first way: ---- > > One would be to add an IPV6 version of divert sockets, possibly from the > same base code. The ipfw code to call it would pass on whether it was an > ipv4 or ipv6 packet that is passed out (or it can just look) > and the divert packet would pass it to the correct socket if it was openn= ed. > > From an application point of view, this means you would have to open an i= pv4 > divert socket and an ipv6 divert socket. > > if you didn't have the right one open.. you would just never see the pack= et. > > Since applications that use divert would probably have to be rewritten to > cope with ipv6 anyhwo this seems to be an > ok solution/cost. > > Any app that was not updated would continue to run with ipv4 but would ne= ver > see IPV6 packets even if diverted. > > ------ another way ---- > > Another way to do this would be to recode divert to be its own protocol > family with its own sockaddr type. > > that socket addr would include the family as now, but would have enough r= oom > to support ipv4 and ipv6 addresses, as well as special fields that are > curently not available in divert or are just 'hacked' > (such as the fact that the name of the interface is hidden in the 'sa_zer= o' > bytes of the ipv4 socket address, and if you keep it and pass it back you > are effectively passing that information back too). > > In this scheme we would allow the socket address structure to have > enough fields to be able to encode some of the more intersting > packet layer information that is in the mbuf. > For example, the FIB, or somefo the other packet flags > or maybe even one or two of the common tags. > > I could see that some of these flags might be useful to a divert agent th= at > understood the protocol stack it was working with: > > #define M_PROTO1 =C2=A0 =C2=A0 =C2=A0 =C2=A00x00000010 /* protocol-specif= ic */ > #define M_PROTO2 =C2=A0 =C2=A0 =C2=A0 =C2=A00x00000020 /* protocol-specif= ic */ > #define M_PROTO3 =C2=A0 =C2=A0 =C2=A0 =C2=A00x00000040 /* protocol-specif= ic */ > #define M_PROTO4 =C2=A0 =C2=A0 =C2=A0 =C2=A00x00000080 /* protocol-specif= ic */ > #define M_PROTO5 =C2=A0 =C2=A0 =C2=A0 =C2=A00x00000100 /* protocol-specif= ic */ > #define M_BCAST =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x00000200 /* send/received a= s link-level broadcast > */ > #define M_MCAST =C2=A0 =C2=A0 =C2=A0 =C2=A0 0x00000400 /* send/received a= s link-level multicast > */ > #define M_SKIP_FIREWALL 0x00004000 /* skip firewall processing */ > > #define M_VLANTAG =C2=A0 =C2=A0 =C2=A0 0x00010000 /* ether_vtag is valid = */ > #define M_PROMISC =C2=A0 =C2=A0 =C2=A0 0x00020000 /* packet was not for u= s */ > #define M_PROTO6 =C2=A0 =C2=A0 =C2=A0 =C2=A00x00080000 /* protocol-specif= ic */ > #define M_PROTO7 =C2=A0 =C2=A0 =C2=A0 =C2=A00x00100000 /* protocol-specif= ic */ > #define M_PROTO8 =C2=A0 =C2=A0 =C2=A0 =C2=A00x00200000 /* protocol-specif= ic */ > #define M_FLOWID =C2=A0 =C2=A0 =C2=A0 =C2=A00x00400000 /* flowid is valid= */ > > > If we really wanted to do more, we could also define an OOB format > that could be used with recvmsg() and sendmsg() that would be > extensible enough to really give a lot of information. > > This would be the least compatible, and to tell the truth, I'd be tempted= to > leave the old ipv4 interface in place as an upgrade aid. > it could however handle all sorts of protocols, not just ipv4 and ipv6 > but possibly L2 packets etc. as well. > It may also be more work than I hope to do :-) > > ------ > > If anyone else has suggetions or man-power or would like to help.. > pipe up! > > > Julian > > > > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > --=20 "UNIX is basically a simple operating system, but you have to be a genius to understand the simplicity." Dennis Ritchie