Date: Tue, 28 Mar 2006 11:31:22 +0200 From: Max Laier <max@love2party.net> To: freebsd-net@freebsd.org Cc: Brooks Davis <brooks@freebsd.org> Subject: Interface groups (from OpenBSD) Message-ID: <200603281131.28240.max@love2party.net>
next in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] Hi, while porting OpenBSD 3.9 (soon to be released) pf I stumbled on interface groups. This is a mechanism to group arbitrary interfaces into logical groups. It is just naming (not functional change), but it helps to convey semantic information (e.g. group "LAN", "DMZ" ...) about your interface to supporting applications. This way you can write a policies for interface group "LAN" and have it applied to all the VLAN interfaces that come and go. Administration is done via ifconfig. We currently have "ifconfig name" which does part of the job. My question: Does that sound like something interesting for us and should I go for importing it into FreeBSD proper, or is it not at all interesting and we don't want it (in which case I'd hack something up for pf). Technical reasoning: A proper import would add an additional TAILQ link into struct ifnet (which is a great deal of ABI change and causes the usual headaches). The hack would use a single void *, but we'd have to pay for the additional indirection. Also yet another config tool would be required to administer the interface <-> group binding. -- /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (FreeBSD) iD8DBQBEKQJwXyyEoT62BG0RApLBAJ9XCNZefXFhdoOe2ddvvmnw8aERwgCeIojM 4j/m5sU8Qm7OP4FGAKDGMys= =64hZ -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200603281131.28240.max>