From owner-svn-src-head@freebsd.org Wed Aug 16 14:15:38 2017 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9DC74DDDF17; Wed, 16 Aug 2017 14:15:38 +0000 (UTC) (envelope-from manu@bidouilliste.com) Received: from mail.blih.net (mail.blih.net [212.83.177.182]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.blih.net", Issuer "mail.blih.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4AD2C84EC3; Wed, 16 Aug 2017 14:15:36 +0000 (UTC) (envelope-from manu@bidouilliste.com) Received: from mail.blih.net (mail.blih.net [212.83.177.182]) by mail.blih.net (OpenSMTPD) with ESMTP id 09b9f04f; Wed, 16 Aug 2017 16:08:53 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=bidouilliste.com; h=date :from:to:cc:subject:message-id:in-reply-to:references :mime-version:content-type:content-transfer-encoding; s=mail; bh=kZDJpIEJfzHephZNl5e/ungObCg=; b=kVJZuXlzj/o71Jih6vRi/9GUCHzU 5uSh5+snr8eNTOd8hrHH8PK9tyPF7xhxcD2L7qybIjX+IsZ+3oFh68Fcgu3gtBj6 xvS0JY/D6zQZWB25IvGkDkPEOwhnrmeqnqUMm+3pWeHP8EWTbLigO/6ycLMSneGd zRZH1zIVFAU5zcU= DomainKey-Signature: a=rsa-sha1; c=nofws; d=bidouilliste.com; h=date :from:to:cc:subject:message-id:in-reply-to:references :mime-version:content-type:content-transfer-encoding; q=dns; s= mail; b=YrnMZvOnkqYQCc48fjcQnlBzkjGhY3Q+PwFM0P6RTmudOfiCCfHieq5i pNDTK+Kwwp3+OcELQ0f9pOregzxj87bv83u1Z/GADymfHOEX9maVdxmBMeuYzjrO CpSDOCrYPpteHCOFj41Ed8StTNcqTYMur6xnZaGJXv2owdkCQag= Received: from knuckles.blih.net (ip-54.net-82-216-203.roubaix.rev.numericable.fr [82.216.203.54]) by mail.blih.net (OpenSMTPD) with ESMTPSA id 33136657 TLS version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO; Wed, 16 Aug 2017 16:08:53 +0200 (CEST) Date: Wed, 16 Aug 2017 16:08:50 +0200 From: Emmanuel Vadot To: Gleb Smirnoff Cc: Emmanuel Vadot , src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r320944 - head/etc/rc.d Message-Id: <20170816160850.1b695e1e292f46f892301db5@bidouilliste.com> In-Reply-To: <20170815224929.GC1113@FreeBSD.org> References: <201707131340.v6DDeIE9086139@repo.freebsd.org> <20170815224929.GC1113@FreeBSD.org> X-Mailer: Sylpheed 3.6.0 (GTK+ 2.24.31; amd64-portbld-freebsd12.0) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Aug 2017 14:15:38 -0000 Hi Gleb, On Tue, 15 Aug 2017 15:49:29 -0700 Gleb Smirnoff wrote: > Emmanuel, > > On Thu, Jul 13, 2017 at 01:40:18PM +0000, Emmanuel Vadot wrote: > E> Author: manu > E> Date: Thu Jul 13 13:40:18 2017 > E> New Revision: 320944 > E> URL: https://svnweb.freebsd.org/changeset/base/320944 > E> > E> Log: > E> Add an rc.d script to setup a netflow export via ng_netflow > E> The default is to export netflow data on localhost on the netflow port. > E> ngtee is used to have the lowest overhead possible. > E> The ipfw ng hook is the netflow port (it can only be numeric) > E> Default is netflow version 5. > E> > E> Sponsored-By: Gandi.net > E> Reviewed by: bapt (earlier version), olivier (earlier version) > > It could be that using "netgraph" action instead of "ngtee" and then > returning packet back from netgraph to ipfw would show lower overhead. > However, this setup is definitely going to be less robust and more prone > to bugs in case of complex ipfw configurations. > > -- > Totus tuus, Glebius. I should have been more clear, I didn't mean that it would have less overhead in memory but in process time. Reading the source code I saw that ngtee simply m_dup the packet and then ipfw directly continue with the original one, so it seems to me that this would be the the fastest way to process packets. Could you expand on "less robust and more prone to bugs" for the "netgraph" case ? Cheers, -- Emmanuel Vadot