Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 5 Sep 2012 22:09:23 +0200
From:      =?ISO-8859-1?Q?Ermal_Lu=E7i?= <eri@freebsd.org>
To:        Gleb Smirnoff <glebius@freebsd.org>
Cc:        pf@freebsd.org, net@freebsd.org
Subject:   Re: [HEADS UP] merging projects/pf into head
Message-ID:  <CAPBZQG0KHs_ckvn0TPr38Z_vPokziZH=1xx1NG53Ld8rkV_JJg@mail.gmail.com>
In-Reply-To: <20120905115140.GF15915@FreeBSD.org>
References:  <20120905115140.GF15915@FreeBSD.org>

next in thread | previous in thread | raw e-mail | index | archive | help
Hi Gleb,

On Wed, Sep 5, 2012 at 1:51 PM, Gleb Smirnoff <glebius@freebsd.org> wrote:
>   Hi!
>
>   [announce goes both to net@ and pf@, but any discussion should
>    go on on pf@FreeBSD.org only, please]
>
>   As you already may now, last half a year I've been working on
> making pf SMP-scalable and faster in general. More info can be
> found here:
>
> http://lists.freebsd.org/pipermail/freebsd-pf/2012-June/006643.html
> http://lists.freebsd.org/pipermail/freebsd-pf/2012-June/006662.html
>
>   Since that announce in June, I've been running experimental code for
> more than 2 months in production on several routers. Also, some brave
> people volunteered to be beta-testers and also run the experimental
> branch in last couple of months. Code proved to be stable enough.
>
>   The new code performs better in production: less CPU load, less
> jitter, more responsive system under high load. It performs better
> under synthetic benchmarks like random generated UDP flood. It
> performs much better when DoS comes in.
>

Its good to see results on your work and is good moving forward.
Claiming better behavior, under DoS or other comparison without showing any data
or technical reason is a bit over this RFC.

>   Thus, I plan to merge projects/pf/head to head this weekend, and
> this is a HEADS UP email! You have been warned. :)
>
>   What I'd like to do next:
>
>   1) Move pf out of contrib.
I do not see a reason behind this, any particular reason?

>   2) Refactor the pfvar.h into pf.h and pf_var.h. Provide stable
>      kernel<->pfctl ABI. And probably other clean up tasks.
Just this reason is a bit contradictory with 1) above!
Let alone what does this mean to the user?! Nothing?
They are after syntax stability, not breaking their machines on
upgrade, ABI is nothing to them.

Please reconsider the option of renaming the import and allowing both
ports to coexist.
Than you can have your changes going through.

Regards,
Ermal



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPBZQG0KHs_ckvn0TPr38Z_vPokziZH=1xx1NG53Ld8rkV_JJg>