From owner-freebsd-net@FreeBSD.ORG Mon Sep 19 16:20:08 2005 Return-Path: X-Original-To: net@freebsd.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9EA9816A41F for ; Mon, 19 Sep 2005 16:20:08 +0000 (GMT) (envelope-from rizzo@icir.org) Received: from xorpc.icir.org (xorpc.icir.org [192.150.187.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9BB0743D60 for ; Mon, 19 Sep 2005 16:20:03 +0000 (GMT) (envelope-from rizzo@icir.org) Received: from xorpc.icir.org (localhost [127.0.0.1]) by xorpc.icir.org (8.12.11/8.12.11) with ESMTP id j8JGK3xO069520; Mon, 19 Sep 2005 09:20:03 -0700 (PDT) (envelope-from rizzo@xorpc.icir.org) Received: (from rizzo@localhost) by xorpc.icir.org (8.12.11/8.12.3/Submit) id j8JGK3vZ069519; Mon, 19 Sep 2005 09:20:03 -0700 (PDT) (envelope-from rizzo) Date: Mon, 19 Sep 2005 09:20:03 -0700 From: Luigi Rizzo To: Jeremie Le Hen Message-ID: <20050919092003.A69332@xorpc.icir.org> References: <6.2.3.4.2.20050918205708.08cff430@localhost> <20050918235659.B60185@xorpc.icir.org> <6.2.3.4.2.20050919010035.07dfc448@localhost> <20050919005932.B60737@xorpc.icir.org> <6.2.3.4.2.20050919085600.07f783f0@localhost> <20050919160853.GA24643@obiwan.tataz.chchile.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20050919160853.GA24643@obiwan.tataz.chchile.org>; from jeremie@le-hen.org on Mon, Sep 19, 2005 at 06:08:53PM +0200 Cc: Brett Glass , net@freebsd.org Subject: Re: Efficient use of Dummynet pipes in IPFW X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Sep 2005 16:20:08 -0000 On Mon, Sep 19, 2005 at 06:08:53PM +0200, Jeremie Le Hen wrote: > Luigi, Brett, > > > >in terms of implementation, if you want to add it, the best place > > >would be to add the 'skipto' fields to each 'action' opcode. > > >I am not very interested in implementing it, though, because i still see > > >ipfw as a low-level language. > > Is it a goal or an observation ? > > > I don't see it that way, because low level languages like assembler > > are normally very efficient and highly granular. The underlying > > opcode language of IPFW is low level for sure. But I would classify > > IPFW's "language," as presented by the userland utility, as "high > > level but limited." Sort of like the MS-DOS shell. > > While I'm quite reluctant to complixify ipfw syntax, I must admit that > having the possibility to negate a whole rule could speed up well-thought original ipfw add 1000 dosomething cond1 cond2 cond3 cond4 cond5 ... condN negated: ipfw add 1000 skipto 1001 cond1 cond2 cond3 cond4 cond5 ... condN ipfw add 1000 dosomething sure if 'dosomething' is non-terminal in some cases you need 3 instead of 2 rules skipto are extremely efficient (just a pointer dereference), almost as efficient as it would be a 'resume' option. cheers luigi > rulesets. Efficiency _is_ a goal of ipfw. This would certainly > simplify some rulesets, avoiding to use De Morgan's theorem, but more > importantly, this will also prevent to tests for N rules when you just > want to test for the negation of N criterions. At very high PPS, when > pf is not an option any more but ipfw still is, this might create a gap > with the current implementation. > > OTOH, I agree with Luigi about the "resume" keyword. This introduces > a kind of linked-lists, but this is just syntactic sugar and I can't > see any performance improvement with this. This might be worth to have > but I'm a little but scared about adding such options because there > would be no reason then to not add other syntactic facilities, which > would end up messing the whole syntax. > > Best regards, > -- > Jeremie Le Hen > < jeremie at le-hen dot org >< ttz at chchile dot org > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"