Date: Wed, 18 Jun 2003 10:58:36 +0200 From: Andy Sporner <sporner@nentec.de> To: gabriel_ambuehl@buz.ch Cc: freebsd-cluster@freebsd.org Subject: Re: iSCSI and clustering with FreeBSD Message-ID: <3EF029BC.70707@nentec.de> References: <Pine.LNX.4.21.0304201700310.30275-100000@walnut.he.net> <20030617184938.GA1078@grant.org> <3EF01187.7010709@nentec.de> <731849421.20030618104626@buz.ch>
next in thread | previous in thread | raw e-mail | index | archive | help
Gabriel Ambuehl wrote: >If can live with NAT, ipf/ipnat will can do this out of the box with >some >code that detects switches and changes rules accordingly. > >And with divert sockets of ipfw, you could even write you're own >userland daemon to do mangle the packets... > > I thought this too. but it only does ICMP redirects and that isn't sufficient for what I will need. Not only that some people might want to hide networks behind the load balancer. Also with the user space stuff there is a slow-down because of the context switch. I went to a presentation by Guido (??) at the BSDcon-2000 about this and he was even talking about loadable kernel modules to do this too. But the more I looked at the code the more I had the impression that what people thought about NAT was the other direction (hiding computers behind a firewall). There was some other limitation that I cannot recall at the moment. (I had originally written an interface to create files to the front end of IPFW but there was some kind of problem that basically was too deep to try to fix). Andy
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3EF029BC.70707>