From: Ragnar Lönn
Organization: Packetfront
Date: Fri, 22 Apr 2005 17:12:18 +0200
To: freebsd-net@freebsd.org
Subject: Simulating multiple physical machines using Netgraph?
Message-ID: <42691452.6060008@ghn.se>

Hi all,

I have a problem that I would like to know if Netgraph can help me solve or not.
Any help will be greatly appreciated :-)

I'm trying to emulate many (hundreds) of physical machines using a single PC, for purposes of testing Internet access hardware. I have set up a (Linux-based) system where I set up virtual VLAN-enabled network interfaces on the PC, give these interfaces individual MAC- and IP-addresses, then connect the "real", physical interface on the machine to a VLAN switch. By using source routing on the Linux PC I'm able to make all traffic from an application that binds to a certain interface to be sent through the appropriate VLAN interface and thus get VLAN-tagged and also the right source MAC-address. To the hardware on the other side of the VLAN switch it looks as if there are many physical machines connecting to it because it sees traffic from different MAC- and IP-addresses coming in on different physical ports.

VLAN101@ethernet0@PC ---+               +--- port 1 --- Access unit port 1
VLAN102@ethernet0@PC ---+---VLAN SWITCH +--- port 2 --- Access unit port 2
VLAN103@ethernet0@PC ---+               +--- port 3 --- Access unit port 3

I'm using Linux to do this, because it allows me to assign individual MAC addresses to virtual interfaces. Something I had problems doing under FreeBSD (I think it was the kernel dropping ethernet packets that arrived on virtual interface X, with destination MAC address for interface X, and not the destination MAC address for the underlying physical interface. Something I've seen mentioned here on the list too and which seems to have changed between FreeBSD 4.10 and 5.x).

Anyway, the problem with Linux is that apart from some troubles with e.g. IGMP/Multicast I've also run into a limit of roughly 250 virtual interfaces that I'm able to create.
The Linux kernel uses a single byte as index value for its routing tables, meaning you can only have 256 of them on the system, and each of my virtual interfaces needs its own routing table (albeit with only a single entry in it) so I can't emulate more than roughly 250 physical machines with this setup.

What I would like to do would be to have a special virtual network interface that when an application binds to it, causes all the packets from that application to get the right source MAC address and IP address (of the virtual interface) as well as bypass the normal routing table and get sent directly to e.g. a gateway host that can forward packets for that particular source IP address. Packets coming in to the raw physical interface similarly need to get directed to the virtual interface so that the application can read them. Ideally, the application should think that it's using a standard ethernet interface and notice nothing different about it.

Is it possible to do something like that with Netgraph on FreeBSD?

Regards,

/Ragnar
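
The per-host Linux setup described in the message above (VLAN interface, own MAC and IP, one routing table per interface), sketched as an added example that is not part of the original post. It only prints iproute2 commands and runs none of them. The parent interface name, the MAC and IP numbering scheme and the use of `ip rule` for the source routing are assumptions. The cut-off at table id 252 assumes the single-byte table index the message describes, with ids 0 and 253-255 reserved by Linux.

```shell
#!/bin/sh
# Added example (constructed): dry-run generator for the emulated-host setup.
# It prints the commands; nothing is executed against the system.
PARENT=${PARENT:-eth0}   # assumed name of the physical interface
MAX_TABLE=252            # assumed: 1-byte table id, 0 and 253-255 reserved

# host_cmds N: print the commands for emulated host N (VLAN id 100+N).
host_cmds() {
    n=$1
    if [ "$n" -lt 1 ] || [ "$n" -gt "$MAX_TABLE" ]; then
        echo "host $n: no free routing table id (limit $MAX_TABLE)" >&2
        return 1
    fi
    vlan=$((100 + n))
    dev="$PARENT.$vlan"
    # Constructed numbering: locally administered MAC, one /24 per host.
    mac=$(printf '02:00:00:00:00:%02x' "$n")
    addr="10.0.$n.2"
    gw="10.0.$n.1"
    cat <<EOF
ip link add link $PARENT name $dev type vlan id $vlan
ip link set dev $dev address $mac up
ip addr add $addr/24 dev $dev
ip rule add from $addr table $n
ip route add default via $gw dev $dev table $n
EOF
}

# plan COUNT: print commands for hosts 1..COUNT; fail once the ids run out.
plan() {
    i=1
    while [ "$i" -le "$1" ]; do
        host_cmds "$i" || return 1
        i=$((i + 1))
    done
}

# Demo: the three hosts from the diagram (VLAN101..VLAN103).
plan 3
```

Calling `plan 253` prints the first 252 hosts and then fails, which is the roughly-250 ceiling the message runs into.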