Date: Sat, 17 Mar 2001 13:25:25 -0600 (CST)
From: Nick Rogness <nick@rogness.net>
To: Alex Pilosov <alex@acecape.com>
Cc: freebsd-net@FreeBSD.ORG, Jeroen Ruigrok/Asmodai <asmodai@wxs.nl>
Subject: Re: same interface Route Cache
Message-ID: <Pine.BSF.4.21.0103171317180.16998-100000@cody.jharris.com>
In-Reply-To: <Pine.BSO.4.10.10103171317130.8329-100000@spider.pilosoft.com>

On Sat, 17 Mar 2001, Alex Pilosov wrote:

> On Sat, 17 Mar 2001, Nick Rogness wrote:
>
> > > b) route-cache means fast lookup of destination gateway. Lookup of
> > > destination gateway may be slow (see d), and it makes sense to keep track
> > > of a TCP connection and 'fast-switch' (cisco lingo) the following packets,
> > > caching the following data (destination, ACL list) from the first packet.
> > > Usually route-cache is implemented in hardware in ASICs, but sometimes it
> > > may make sense to implement it in software (when overhead of connection
> > > tracking is less than overhead of route/acl lookup).
> > >
> > > Route-cache has nothing to do with policy routing (d)
> >
> > Who said anything about policy routing....where are you going with
> > this. Cisco's ip route-cache same-interface has nothing to do
> > with policy routing...and policy routing is not mentioned here.
>
> Policy routing is what you need to route packets based on their source
> address to properly do multihoming. You keep on using word 'route caching'
> while this whole thing has _nothing_ to do with route caching.

Yes, maybe it is a poor use of words. I am not meaning Cisco's
`ip route-cache` for use with Fast switching.

This is all I'm saying:

1) Packet comes in interface A with source A.A.A.A dest B.B.B.B
2) A route to that source IP (A.A.A.A) gets cached temporarily
   to go out Interface A.
3) So when the packet returns with destination of A.A.A.A go out
   interface A.

This is easy to do without nat, but unfortunately that is not the
case here.

>
> ip route-cache same-interface makes _no actual changes to routing_. The
> only thing it does is allows "same-interface" flows (that arrive on one
> interface and leave on same interface) to be cached. Without ip
> route-cache same-interface, they'll still behave identically, only slower.
> It is not recommended in certain cases because fast-switching code is
> known to behave sometimes incorrectly.
>

Yes, I understand Cisco's implementation.

[snip]

>
> > > With policy routing, you indeed will be able to multihome, without any
> > > cooperation of your upstream (assuming strict filters on their ingress
> > > interfaces) and have things work.
> >
> >
> > Not dynamically you can't. Because you would have to know every
> > source IP and which interface it came in on, to send it back out
> > the same interface to get the packet back.
> You don't need to know the interface. You must route based on the source
> IP. I.E:
>
>   ISP A    ISP B
>      \      /
>      ra    rb
>       \    /
>    your router
>        |
>        |
>        |
>     (local)
>
> (ra and rb are respectively edge routers on ISP A and B's end connected to
> you).
>
> Note: On local network, you'll be essentially having two logical
> networks (different IPs, subnet, etc) on the same wire. It's not clean, but
> it's perfectly supported.
>
> Now, assume you have IPs 11.1.1.* from ISP B, and 11.1.2.* from ISP B. You
> configure both IPs to machines on your 'local' network, and have something
> like this on the router:
> ipfw from 11.1.1.0 fwd ra
> ipfw from 11.1.2.0 fwd rb
>
>
>
> If this is not what you wanted to accomplish, please correct me.
>

this does not work with natd.

Nick Rogness <nick@rogness.net>
- Keep on routing in a Free World...
  "FreeBSD: The Power to Serve!"


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
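
The two mechanisms discussed in this message, modelled in Python as an added example (not code from either poster or from FreeBSD): source-based next-hop selection checked against a strict upstream ingress filter, and the temporary "remember the ingress interface" cache from steps 1-3. The /24 masks, the default gateway, the TTL, the interface name used in testing and all function names are assumptions made for the illustration.

```python
import ipaddress

# Constructed from the thread: 11.1.1.* is forwarded to ra, 11.1.2.* to rb.
# The /24 masks and the default gateway are assumptions for this example.
POLICY = [
    (ipaddress.ip_network("11.1.1.0/24"), "ra"),
    (ipaddress.ip_network("11.1.2.0/24"), "rb"),
]
DEFAULT_GW = "ra"  # what a plain destination-based default route would pick


def policy_next_hop(src):
    """Pick the next hop from the packet's source address (the 'fwd' rules)."""
    addr = ipaddress.ip_address(src)
    for net, gw in POLICY:
        if addr in net:
            return gw
    return DEFAULT_GW


def upstream_accepts(src, gw):
    """Strict ingress filter: an edge router only accepts sources from its own block."""
    addr = ipaddress.ip_address(src)
    return any(g == gw and addr in net for net, g in POLICY)


class ReturnPathCache:
    """Steps 1-3 of the reply: remember the ingress interface per remote source."""

    def __init__(self, ttl=60.0):  # ttl is hypothetical; the mail only says "temporarily"
        self.ttl = ttl
        self.entries = {}

    def learn(self, remote_src, in_if, now):
        self.entries[remote_src] = (in_if, now + self.ttl)

    def egress_for(self, remote_dst, now):
        in_if, expires = self.entries.get(remote_dst, (None, 0.0))
        if in_if is None or expires <= now:
            self.entries.pop(remote_dst, None)  # expired or never seen
            return None
        return in_if


def compare(sources=("11.1.1.10", "11.1.2.10")):
    """Return (src, accepted via default route, accepted via policy route) per source."""
    return [(s, upstream_accepts(s, DEFAULT_GW),
             upstream_accepts(s, policy_next_hop(s))) for s in sources]
```

`compare()` shows that a host numbered from the second block is dropped by the filter when it follows the single default route, and accepted when the next hop is chosen by source address.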