From: Milan Obuch
To: freebsd-net@freebsd.org
Cc: Max Laier, Jeremie Le Hen, Julian Elischer
Date: Tue, 28 Jun 2005 12:52:04 +0200
Subject: Re: Julian's netowrking challenge 2005

On Tuesday 28 June 2005 12:27, Jeremie Le Hen wrote:
> > Wouldn't a more general approach be better. e.g. a way to "tag" a packet
> > before it is sent to divert and a matching tag-lookup that can do further
> > action. This would make it very easy to do all kinds of stuff that needs
> > to know the original address instead of the translated one while avoiding
> > code duplication.
>
> Having the possibility to tag a packet would be worth indeed. But I
> think that Milan wants to bring network stack virtualization in
> newer release of FreeBSD IIUC. This would be, IMO, a great improvement
> of FreeBSD networking, although I'm pretty sure this would make Netgraph
> people react a bit ;-).
>

Yes, yes, no :)
Packet tagging and action based on tags are possibilities worth having.
Yes, I would like to have virtualization. Actually this could be seen as
generalized packet tagging (similar to MPLS technology, only internal, but
could be extended as well...)
And I see no reason why netgraph people should react - having both virtual
stacks AND netgraph is a really powerful combination.

> > pf does something along these lines in case you are looking for
> > references.
>
> Would it be possible to share this tag among pf and ipfw ?
>

... and ipf as well :)

AFAIR main objections against Marko Zec's patch were that it's based on
4-RELEASE and not CURRENT/HEAD, and its 'monolithic' non-modular approach.
Other than those, virtualization philosophy is great and we should adopt it
IMHO. Our lovely daemon gains even more power :)

Milan