From owner-freebsd-net Wed Dec 4 21:40:12 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 47A8A37B401 for ; Wed, 4 Dec 2002 21:40:10 -0800 (PST) Received: from sccrmhc01.attbi.com (sccrmhc01.attbi.com [204.127.202.61]) by mx1.FreeBSD.org (Postfix) with ESMTP id A58E043EBE for ; Wed, 4 Dec 2002 21:40:09 -0800 (PST) (envelope-from julian@elischer.org) Received: from InterJet.elischer.org (12-232-168-4.client.attbi.com[12.232.168.4]) by sccrmhc01.attbi.com (sccrmhc01) with ESMTP id <200212050540080010074eqme>; Thu, 5 Dec 2002 05:40:08 +0000 Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id VAA31280; Wed, 4 Dec 2002 21:36:27 -0800 (PST) Date: Wed, 4 Dec 2002 21:36:26 -0800 (PST) From: Julian Elischer To: Don Bowman Cc: "'freebsd-net@freebsd.org'" Subject: RE: SO_DONTROUTE, arp's, ipfw fwd, etc In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 4 Dec 2002, Don Bowman wrote: > > From: Julian Elischer [mailto:julian@elischer.org] > > On Wed, 4 Dec 2002, Don Bowman wrote: > ... > > > It gets the destination MAC address from the SRC AMC field of the > > preceding incoming packets with that IP src, dst and port > > combination.... i.e. the node would look within the IP header. > > > > > > > Wouldn't it be more efficient for me to > > > just create the ether-header when the SYN comes in, store it > > > in the PCB, and use that on each outgoing packet for that tcp > > > connection, add a sockopt (or use SO_DONTROUTE for this on the > > > listen socket)? > > > > yes and no... you would be breaking the layering in > > the standard code and you'd get crucified for it. > > > > start with the ng_bridge node and make it look within > > the IP header and use that information in it's hash tables instead of > > MAC addresses. It'll need some hosekeeping code too. > > (to flush old info, though you could reduce this by removing > > entries when you see the FIN packets go past.) > > Perhaps I can do this within ipfw? Its only ipfw that is bringing up > this situation, making me respond to things that normally wouldn't > be routed to me. Perhaps 'ipfw' is missing something when it does > a 'fwd' to localhost, another step to make this all work? 'divert' sockets are to allow you to do things in ipfw.. > > FIN are pretty rare :) Too often things just shut off. I'm nervous > about trying to cache the info outside the PCB since it has to > stay in sync (its not like the arp cache, there's no way to get > the info back if you drop it early). > RST is even more problematic since I have to decide if its in-window. doesn't really matter.. if you remove a cache entry, you'll just recreate it on teh next incoming packet. > > --don (don@sandvine.com www.sandvine.com) > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message