Date: Mon, 19 Feb 2001 04:44:01 -0800 From: Julian Elischer <julian@elischer.org> To: Satyajeet Seth <sseth@sasken.com> Cc: net@freebsd.org Subject: Re: Using netgraph to implement pseudo interfaces Message-ID: <3A911511.8897BEC3@elischer.org> References: <Pine.GSO.4.30.0102191740360.4360-100000@suns3.sasi.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Satyajeet Seth wrote:
>
> Hi
>
> A node of type ng_bpf uses BPF. How is a packet passed onto the
> BPF? I believe a copy of the packet is sent. Is this correct?
man ng_bpf.
the ng_bpf node takes a packet as input and applies a bpf 'filter' to it.
if the filter succeeds, the packet is sent out the hook marked for success in
that filter.
If the filter fails is is passed out the hook marked for failure in that filter.
If the correct hook is NULL, the packet is discarded.
It is a PACKET. it is not a copy unless you first copied it, which
is irrelevent and beyond the knowledge of the ng_bpf node.
(the ng_bpf node gets it's packets from netgraph in the usual netgraph
way and NOT by the usual bpf hooks in the drivers.)
>
> Once a packet is sent to the BPF, will the driver process the
> packet further and queue it to the IP layer?
No, not unless you send it back to the interface to be processed further.
please read the netgraph man page
man 4 netgraph
and the ng_ether man page
man 4 ng_ether
>
> If so, in our case, there will be duplication of packets. Here the BPF
> will pass the packets onto pseudo ethernet interfaces. These interfaces
> will in turn queue the packets to the IP layer.
There is no duplication. Netgraph produces a non directed graph (in math-speak)
of connected nodes to process arbitrary data in arbitrary ways.
There is a 'hook' in the ethernet framework that allows ethernet packets to be
TOTALY DIVERTED into netgraph (or only diverted if unrecognised).
netgraph in turn has a means to feed the packets back into the normal
stream after it has completed processing. (useful for wrapping for VPNs etc)
It can feed them back into the ethernet framework to cntinue upwards
as if nothing has happenned, into a virtual interface, out a socket, into
another
node, or out the transmit side of the original (or any other) interface. What it
does depends entirely how you hook it toghther. Think of LEGO for networking.
>
> Thanks
> Satya
>
--
__--_|\ Julian Elischer
/ \ julian@elischer.org
( OZ ) World tour 2000-2001
---> X_.---._/
v
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3A911511.8897BEC3>