Date: Tue, 9 Mar 99 16:52:52 GMT From: Terry Glanfield <terry@ppsl.demon.co.uk> To: freebsd-hackers@freebsd.org Subject: Tunnel loopback Message-ID: <9903091652.AA04146@ppsl.demon.co.uk>
next in thread | raw e-mail | index | archive | help
Hi, I've been trying to use a FreeBSD (3.0-RELEASE and 3.1-RELEASE) tunnel device (/dev/tunN) to push packets back onto the IP stack[1] with some success. Firstly I redirect all packets on one interface (ed0) to the tunnel using IPFilter: pass in quick on ed0 to tun0 all Then with a simple read/write loop attached to /dev/tun0 I can bounce all packets back in again. This works up to a point. I'm finding that a single icmp packet send into tun0 results in thousands of packets entering my read/write loop before one packet finally finds its way out again. If I insert a short sleep between the read and write calls the number of packets are reduced but the overall time taken remains constant (~1 second). Hacking the loopback into the kernel (if_tun.c) results in a similar time scale but hundreds of thousands of packets being bounced around. I get the feeling I'm missing something obvious. Short-term state information or optimisations maybe? Any pointers would be much appreciated. Regards, Terry. [1] The idea is to mix NAT and SKIP on the same box by doing the SKIP encryption on a different interface before it hits NAT. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9903091652.AA04146>