Date: Sat, 29 Dec 2007 12:02:22 +0900 From: gnn@freebsd.org To: Marko Zec <zec@tel.fer.hr> Cc: FreeBSD Net <freebsd-net@freebsd.org>, Qing Li <qingli@freebsd.org>, Robert Watson <rwatson@freebsd.org>, Julian Elischer <julian@elischer.org>, freebsd-arch@freebsd.org Subject: Re: resend: multiple routing table roadmap (format fix) Message-ID: <m2hci2ursx.wl%gnn@neville-neil.com> In-Reply-To: <200712282040.30745.zec@tel.fer.hr> References: <4772F123.5030303@elischer.org> <m2bq8bvsis.wl%gnn@neville-neil.com> <200712282040.30745.zec@tel.fer.hr>
next in thread | previous in thread | raw e-mail | index | archive | help
At Fri, 28 Dec 2007 20:40:30 +0100, Marko Zec wrote: > The thrust behind Julian's work seems to be providing multiple > forwarding tables for for purposes of traffic engineering / policy > based routing, with a single firewall instance used as a classifier. > vimage-style network stack virtualization provides for more strict > isolation on both port and IP address space, independent firewall > instances, IPSEC config / state etc., and as such might be better > suited for providing enhanced jail-style virtual hosting environments, > as well as for providing virtual router "slices". > > So once we get Julian's multi-FIB stuff in the base system, I see no > reason why we couldn't have this functionality replicated in > each "vimage" instance, i.e. have multiple independent virtual > networking environnments, each with multiple FIBs. > > Implementationwise, my hacks currently rely on macros for conditional > virtualization of global variables / structs. As long as Julian's > changes continue to be unconditional, i.e. without playing a similar > macroization game, I think integrating this code (once it hits HEAD) > into p4/projects/vimage should be more or less a straightforward job. Cool, that's what I wanted to hear. Best, George
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?m2hci2ursx.wl%gnn>