From owner-freebsd-net@FreeBSD.ORG Wed Jan 21 07:51:50 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 645CD16A4CE for ; Wed, 21 Jan 2004 07:51:50 -0800 (PST) Received: from ns2.alphaque.com (ns2.alphaque.com [202.75.47.153]) by mx1.FreeBSD.org (Postfix) with SMTP id 97BD343D1F for ; Wed, 21 Jan 2004 07:51:45 -0800 (PST) (envelope-from dinesh@alphaque.com) Received: (qmail 62014 invoked by uid 0); 21 Jan 2004 15:51:39 -0000 Received: from lucifer.net-gw.com (HELO prophet.alphaque.com) (202.75.47.153) by lucifer.net-gw.com with SMTP; 21 Jan 2004 15:51:39 -0000 Received: from localhost (localhost.alphaque.com [127.0.0.1]) by prophet.alphaque.com (8.12.10/8.12.9) with ESMTP id i0LFpQDQ001384; Wed, 21 Jan 2004 23:51:26 +0800 (MYT) (envelope-from dinesh@alphaque.com) Date: Wed, 21 Jan 2004 23:51:26 +0800 (MYT) From: Dinesh Nair To: Andrew Riabtsev In-Reply-To: <185104547741.20040121161130@b-o.ru> Message-ID: <20040121234818.U532-100000@prophet.alphaque.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@freebsd.org Subject: Re[2]: netgraph questions on ng_tee, ng_iface, ng_socket X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Jan 2004 15:51:50 -0000 On Wed, 21 Jan 2004, Andrew Riabtsev wrote: > 1 let default route be to fxp0 > 2 conncet fxp0's upper hook to "one" hook of ng_one2many > 3 connect lower hooks of fxp0 and aue0 to "many" hooks of ng_one2many > 4 u have what u r accept for the overwriting src ip > 5 time for uber hack ng_one2many: i had initially tried this, without modifying ng_one2many, but like adrian pointed out in an earlier email, i wasnt checking if the destination host was receiving the packets ok. it was exploratory alright. :) > kernels, our kernel check for ethernet dst addr of arrived packets and > see that not all packets came from fxp0 (some of them came from aue0, > as he has different MAC) and drop it. All u need is just comment or > modify this terrible check in ether_demux() in net/if_ethersubr.c. not really necessary. you can set the aue0 and other interfaces connected to the many hooks to be promiscous and to not overwrite the ethernet address. this, of course, only works on bonding the links for same segment traffic. the bottleneck will still be the ISP thru which it goes out. Regards, /\_/\ "All dogs go to heaven." dinesh@alphaque.com (0 0) http://www.alphaque.com/ +==========================----oOO--(_)--OOo----==========================+ | for a in past present future; do | | for b in clients employers associates relatives neighbours pets; do | | echo "The opinions here in no way reflect the opinions of my $a $b." | | done; done | +=========================================================================+