Date: Tue, 28 Mar 2006 08:24:31 -0800 From: Brooks Davis <brooks@one-eyed-alien.net> To: Max Laier <max@love2party.net> Cc: freebsd-net@freebsd.org, Brooks Davis <brooks@freebsd.org> Subject: Re: Interface groups (from OpenBSD) Message-ID: <20060328162431.GA9637@odin.ac.hmc.edu> In-Reply-To: <200603281131.28240.max@love2party.net> References: <200603281131.28240.max@love2party.net>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On Tue, Mar 28, 2006 at 11:31:22AM +0200, Max Laier wrote: > Hi, > > while porting OpenBSD 3.9 (soon to be released) pf I stumbled on interface > groups. This is a mechanism to group arbitrary interfaces into logical > groups. It is just naming (not functional change), but it helps to convey > semantic information (e.g. group "LAN", "DMZ" ...) about your interface to > supporting applications. This way you can write a policies for interface > group "LAN" and have it applied to all the VLAN interfaces that come and go. > Administration is done via ifconfig. We currently have "ifconfig name" which > does part of the job. > > My question: Does that sound like something interesting for us and should I go > for importing it into FreeBSD proper, or is it not at all interesting and we > don't want it (in which case I'd hack something up for pf). Sounds like a reasonable feature. I think it's orthogional to renaming. > Technical reasoning: A proper import would add an additional TAILQ link into > struct ifnet (which is a great deal of ABI change and causes the usual > headaches). The hack would use a single void *, but we'd have to pay for the > additional indirection. Also yet another config tool would be required to > administer the interface <-> group binding. Adding a TAILQ to the end of struct ifnet would not be an ABI change in 6 because drivers don't know or care how big struct ifnet is anymore and I can't think of an implementation where the drive code would need to care. -- Brooks -- Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFEKWM+XY6L6fI4GtQRAhoQAJ41pqwaheC1iAd5jcmXk6nPTUQCpACfcYly wiFAsgULr9EQ9ldqSuWYXwg= =X5zs -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060328162431.GA9637>