From owner-freebsd-net@FreeBSD.ORG Thu Jul 24 15:33:35 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4EF201065671 for ; Thu, 24 Jul 2008 15:33:35 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outC.internet-mail-service.net (outc.internet-mail-service.net [216.240.47.226]) by mx1.freebsd.org (Postfix) with ESMTP id 3ED908FC13 for ; Thu, 24 Jul 2008 15:33:35 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id 653DD2370; Thu, 24 Jul 2008 08:33:35 -0700 (PDT) Received: from julian-mac.elischer.org (localhost [127.0.0.1]) by idiom.com (Postfix) with ESMTP id 3A3562D6042; Thu, 24 Jul 2008 08:33:34 -0700 (PDT) Message-ID: <4888A0B5.4060302@elischer.org> Date: Thu, 24 Jul 2008 08:33:09 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.14 (Macintosh/20080421) MIME-Version: 1.0 To: Igor Sysoev References: <20080724145610.GA57814@rambler-co.ru> In-Reply-To: <20080724145610.GA57814@rambler-co.ru> Content-Type: text/plain; charset=KOI8-R; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: FIB MFC X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Jul 2008 15:33:35 -0000 Igor Sysoev wrote: > Julian, thank you for FIB. I have tried in on FreeBSD-7. > > I've found that ipfw does not know about setfib: > ipfw: invalid action setfib > Oh I have not finished MFC.. will finish today.. the svn server crashed last night .. :-/ (or at least went very strange) while I was working on this so I went to bed. > Therefore I've added missing part from CURRENT. > Then I have tried the following configuration: > > vlan1: 10.0.0.100 > vlan2: 192.168.1.100 > > route add default 10.0.0.1 > setfib 1 route add default 192.168.1.1 > ipfw add setfib 1 ip from any to any in via vlan2 > > I expected that outgoing packets of TCP connection established > via vlan2 will be routed to 192.168.1.1, but this did not happen. > The packets went to 10.0.0.1 via vlan1: no, while this doesmake sense, the fib is only used for outgoing packets and the fib of local sockets is set by the process that opens the socket. (either with setfib(2) or sockopt(SETFIB)) I was thinking that it might be possible to tag a socket to accept the fib of the packet coming in, but if we do this, we should decide API to label a socket in this way.. It is a n execellent idea however, and I don't know why I didn't do it already.. > > tcp4 0 0 192.168.1.100.80 XXXXXXXXXX SYN_RCVD > tcp4 0 0 192.168.1.100.80 XXXXXXXXXX SYN_RCVD > tcp4 0 0 192.168.1.100.80 XXXXXXXXXX SYN_RCVD > > Can TCP connection inherit FIB from first SYN packet or not ? no but it is a good idea. > >