Date: Wed, 07 Oct 2009 16:15:17 -0500 From: Guy Helmer <ghelmer@palisadesys.com> To: Joe R <apauljoe@gmail.com> Cc: freebsd-ipfw@freebsd.org, julian@elischer.org Subject: Re: Extension of dummynet/ipfw to support userspace packet classification Message-ID: <4ACD04E5.50806@palisadesys.com> In-Reply-To: <286e18280910071246r33d33476ya9dd846cd1de6062@mail.gmail.com> References: <286e18280910071246r33d33476ya9dd846cd1de6062@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Joe R wrote: > We at ironport have a requirement to do bandwidth management, but the > traffic classification (and selection of bandwidth pipes) is done in > userspace. The reason classification is done in userspace is because the > traffic classifications are something like streaming audio traffic, video > traffic, based on website categories etc. > > > > Our appliance is based on FreeBSD, and so we decided to look at dummynet to > support our requirement. We could not use dummynet as such because it uses > ipfw for packet classification, where packet classification (and pipe > selection) is done in kernel based on tcp/ip parameters like IP and port. > > > > So we decided to extended dummynet/ipfw to support packet classification in > userspace. > > Our idea is to extended socket structure to have a pipe number and have a > setsockoption to associate the pipe number to a socket structure. Then have > a new ipfw target (mappedpipe), which will pass the packet to dummynet > (similar to pipe target) but with the pipe number in the socket structure if > it is non-zero. > > > > I would like to know your comments on this proposal and if people are > interested, I will be happy to submit a patch on this. > > I think it would be a very useful capability to apply a dummynet pipe to a stream. My thinking was that it would be nice to be able to build a dynamic table of connections in ipfw and then ipfw could pass packets that matched the dynamic connections list through a specified dummynet pipe. I think that is different than your design, though -- as I understand it, your design would apply dummynet to packets written to a socket. Guy
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4ACD04E5.50806>