Subject: Re: Best way for an app to accept traffic on 30,000+ interfaces?
From: Fleuriot Damien
Date: Thu, 21 Mar 2013 14:59:03 +0100
To: Ermal Luçi
Cc: freebsd-net

On Mar 21, 2013, at 2:57 PM, Ermal Luçi wrote:

> On Thu, Mar 21, 2013 at 2:54 PM, Fleuriot Damien wrote:
>
> On Mar 21, 2013, at 9:25 AM, Ermal Luçi wrote:
>
> > On Thu, Mar 21, 2013 at 1:59 AM, Mark D wrote:
> >
> >> (Hopefully this isn't too out-of-scope for this list..)
> >>
> >> I have an application in mind that I'd like to have accept/respond to
> >> UDP queries sent to perhaps 30K contiguous IP addresses (most likely
> >> IPV6 addresses because such ranges are easy to come by, but
> >> conceptually ipv4 as well).
> >>
> >> This would all be on a small number of FBSD instances.
> >>
> >> Though it could be done, I don't really want to create 30K interfaces
> >> and have the application bind 30K sockets as it's not clear if that
> >> will scale if I try an address range that expands to, say, 1M IPs
> >> wide.
> >>
> >> This address range would be internet-facing and responding to random
> >> remote clients.
> >>
> >> My first thought is to use SOCK_RAW in much the same way that natd
> >> does - at least to receive the traffic.
> >>
> >> Is that a sensible and viable approach or is there a better/easier
> >> way?
> >>
> >>
> >> Mark.
> >>
> >
> >
> > How about firing up one of the firewall/pfil(9) consumers like (ipfw/pf)
> > and adding rules to redirect traffic to a socket bound on loopback?
> >
> > --
> > Ermal
>
>
> I fail to see how that's different from what I suggested with PF's rdr rule ?
>
> I never saw the e-mail in this thread!

Find below a copy of the text I posted :

==
Use PF ? :p

rdr quick on $wan inet6 proto udp from any to 2001:1234::1/120 port 12345 tag uwin -> ::1
pass in quick on $wan inet6 proto udp tagged uwin


That's a bit dirty though, using PAT on ip6...
==

Here you go.

From what I understand, that would be pretty similar to what you suggested, aye ?
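
The rule quoted in the message above matches a /120, which is 256 addresses, while the original question asks about roughly 30K contiguous addresses. The following Python script is an added example, not part of the thread: it computes which prefixes a redirect would need to match for such a range, either exactly or with one wider prefix that also matches addresses outside the range. The documentation prefix 2001:db8:: and the table name uwin_dst are assumptions made for illustration.

```python
import ipaddress

def exact_cover(first, count):
    """Smallest list of CIDR prefixes covering exactly `count` contiguous
    addresses starting at `first` (IPv4 or IPv6)."""
    start = ipaddress.ip_address(first)
    end = start + (count - 1)
    return list(ipaddress.summarize_address_range(start, end))

def single_cover(first, count):
    """Smallest single prefix containing the whole range, plus the number of
    extra addresses it would also match (over-coverage)."""
    start = ipaddress.ip_address(first)
    end = start + (count - 1)
    net = ipaddress.ip_network(str(start))   # host prefix: /128 or /32
    while end not in net:
        net = net.supernet()                 # widen by one bit at a time
    return net, net.num_addresses - count

def pf_table(name, prefixes):
    """Render the prefixes as a pf.conf table definition (name is hypothetical)."""
    return "table <%s> const { %s }" % (name, ", ".join(map(str, prefixes)))

if __name__ == "__main__":
    FIRST, COUNT = "2001:db8::", 30000       # constructed sample range
    print("a /120 matches", ipaddress.ip_network("2001:db8::/120").num_addresses)
    exact = exact_cover(FIRST, COUNT)
    print(len(exact), "prefixes cover the range exactly:")
    print(pf_table("uwin_dst", exact))
    net, extra = single_cover(FIRST, COUNT)
    print("single prefix", net, "also matches", extra, "addresses outside the range")
```

A table produced this way can be referenced as `<uwin_dst>` in the `to` clause of the redirect instead of a single prefix, so the redirect matches only the addresses the application is meant to answer for.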