From owner-freebsd-net@FreeBSD.ORG Mon Aug 8 16:12:19 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DB39616A423 for ; Mon, 8 Aug 2005 16:12:19 +0000 (GMT) (envelope-from net@dino.sk) Received: from bsd.dino.sk (bsd.dino.sk [213.215.72.60]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4C7A543D5D for ; Mon, 8 Aug 2005 16:12:18 +0000 (GMT) (envelope-from net@dino.sk) Received: from home.dino.sk ([213.215.74.194]) (AUTH: LOGIN milan) by bsd.dino.sk with esmtp; Mon, 08 Aug 2005 18:12:08 +0200 id 00000133.42F78458.000003CE From: Milan Obuch To: freebsd-net@freebsd.org Date: Mon, 8 Aug 2005 18:11:44 +0200 User-Agent: KMail/1.8 References: <1123040973.95445.TMDA@seddon.ca> <42F734D0.6F7387E0@freebsd.org> <200508081757.47499.zec@icir.org> In-Reply-To: <200508081757.47499.zec@icir.org> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-2" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200508081811.45126.net@dino.sk> Subject: Re: running out of mbufs? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Aug 2005 16:12:20 -0000 On Monday 08 August 2005 17:57, Marko Zec wrote: > On Monday 08 August 2005 12:32, Andre Oppermann wrote: > > Dave+Seddon wrote: > > > BTW, I'd be interested to know people's thoughts on multiple IP > > > stacks on FreeBSD. It would be really cool to be able to give a > > > jail it's own IP stack bound to a VLAN interface. It could then be > > > like a VRF on Cisco. > > > > There is a patch doing that for FreeBSD 4.x. However while > > interesting it is not the way to go. You don't want to have multiple > > parallel stacks but just multiple routing tables and interface groups > > one per jail. This gives you the same functionality as Cisco VRF but > > is far less intrusive to the kernel. > > Andre, > > the stack virtualization framework for 4.x is based precisely on > introducing multiple routing tables and interface groups. In order to > cleanly implement support for multiple independent interface groups, > one has to touch both the link and network layers, not forgetting the > ARP stuff... and in no time you have ended up with a huge and intrusive > diff against the original network stack code. > > So I see no point in pretending we could get such a functionality for > free, i.e. with only a negligible intrusiveness to the kernel code. A > more appropriate question would be whether the potential benefits of > having multiple stack state instances could outweight the trouble and > damage associated with the scope of required modifications to the > kernel code tree. Only if we could get an affirmative answer to that > question it would make sense to start thinking / debating on the most > appropriate methodology to (re)implement the multiple stacks framework. > > Cheers, > > Marko I did use Marko's patch for some time with great success. I feel it would be really great to be able to use something similar in new releases. It is really like cisco's vrf. I used it for multi-VPN monitoring/management. There is nothing comparable currently - user mode linux is too resource consuming, other methods are not so easy to use... If anyone knows the way to put virtual stacks into newer FreeBSD, I am eager to test it. For my current task (multi-VPN monitoring/management, again) I will use this, again. Regards, Milan