Date: Fri, 26 Oct 2012 13:43:30 +0200 From: Andre Oppermann <andre@freebsd.org> To: Gleb Smirnoff <glebius@FreeBSD.org> Cc: svn-src-head@FreeBSD.org, "Andrey V. Elsukov" <ae@FreeBSD.org>, svn-src-all@FreeBSD.org, src-committers@FreeBSD.org Subject: Re: svn commit: r242079 - in head: sbin/ipfw share/man/man4 sys/conf sys/net sys/netinet sys/netinet6 sys/netpfil/ipfw Message-ID: <508A7762.1040106@freebsd.org> In-Reply-To: <20121026112629.GC70741@FreeBSD.org> References: <201210250939.q9P9dF0q022970@svn.freebsd.org> <508960C2.6030003@freebsd.org> <508967E3.3070508@FreeBSD.org> <5089A13F.8080405@freebsd.org> <20121026112629.GC70741@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 26.10.2012 13:26, Gleb Smirnoff wrote: > On Thu, Oct 25, 2012 at 10:29:51PM +0200, Andre Oppermann wrote: > A> On 25.10.2012 18:25, Andrey V. Elsukov wrote: > A> > On 25.10.2012 19:54, Andre Oppermann wrote: > A> >> I still don't agree with naming the sysctl net.pfil.forward. This > A> >> type of forwarding is a property of IPv4 and IPv6 and thus should > A> >> be put there. Pfil hooking can be on layer 2, 2-bridging, 3 and > A> >> who knows where else in the future. Forwarding works only for IPv46. > A> >> > A> >> You haven't even replied to my comment on net@. Please change the > A> >> sysctl location and name to its appropriate place. > A> > > A> > Hi Andre, > A> > > A> > There were two replies related to this subject, you did not replied to > A> > them and i thought that you became agree. > A> > A> I replied to your reply to mine. Other than that I didn't find > A> anything else from you. > A> > A> > So, if not, what you think about the name net.pfil.ipforward? > A> > A> net.inet.ip.pfil_forward > A> net.inet6.ip6.pfil_forward > A> > A> or something like that. > A> > A> If you can show with your performance profiling that the sysctl > A> isn't even necessary, you could leave it completely away and have > A> pfil_forward enabled permanently. That would be even better for > A> everybody. > > I'd prefer to have the sysctl. Benchmarking will definitely show > no regression, because in default case packets are tagless. But if > packets would carry 1 or 2 tags each, which don't actually belong > to PACKET_TAG_IPFORWARD, then processing would be pessimized. With M_FASTFWD_OURS I used an overlay of the protocol specific M_PROTO[1-5] mbuf flags. The same can be done with M_IPFORWARD. The ipfw code then will not only add the m_tag but also set M_IPFORWARD flag. That way no sysctl is required and the feature is always available. The overlay definition is in ip_var.h. -- Andre
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?508A7762.1040106>