From owner-freebsd-hackers  Fri Jun 29  1:29: 3 2001
Delivered-To: freebsd-hackers@freebsd.org
Received: from whale.sunbay.crimea.ua (whale.sunbay.crimea.ua [212.110.138.65])
	by hub.freebsd.org (Postfix) with ESMTP
	id 8C70437B403; Fri, 29 Jun 2001 01:28:48 -0700 (PDT)
	(envelope-from ru@whale.sunbay.crimea.ua)
Received: (from ru@localhost)
	by whale.sunbay.crimea.ua (8.11.2/8.11.2) id f5T8Rvx03044;
	Fri, 29 Jun 2001 11:27:57 +0300 (EEST)
	(envelope-from ru)
Date: Fri, 29 Jun 2001 11:27:57 +0300
From: Ruslan Ermilov <ru@FreeBSD.ORG>
To: Dag-Erling Smorgrav <des@ofug.org>
Cc: Wes Peters <wes@softweyr.com>, Deepak Jain <deepak@ai.net>,
	net@FreeBSD.ORG, hackers@FreeBSD.ORG
Subject: Re: fastforwarding?
Message-ID: <20010629112757.F91115@sunbay.com>
Mail-Followup-To: Dag-Erling Smorgrav <des@ofug.org>,
	Wes Peters <wes@softweyr.com>, Deepak Jain <deepak@ai.net>,
	net@FreeBSD.ORG, hackers@FreeBSD.ORG
References: <GPEOJKGHAMKFIOMAGMDICEOJDGAA.deepak@ai.net> <20010626093545.D49992@sunbay.com> <3B3AB4F8.184A2EFE@softweyr.com> <xzp1yo4wdjh.fsf@flood.ping.uio.no>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <xzp1yo4wdjh.fsf@flood.ping.uio.no>; from des@ofug.org on Thu, Jun 28, 2001 at 10:32:50PM +0200
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG

On Thu, Jun 28, 2001 at 10:32:50PM +0200, Dag-Erling Smorgrav wrote:
> Wes Peters <wes@softweyr.com> writes:
> > The description there isn't very forthcoming.  fastforwarding caches
> > the results of a route lookup for destination addresses that are not
> > on the local machine, and uses the cached route to short-circuit the
> > normal (relatively slow) route lookup process.  The packet flows 
> > directly from one layer2 input routine directly to the opposing 
> > layer2 output routine without traversing the IP layer.
> 
> And more importantly, without traversing ipfw or ipfilter.  In other
> words, don't use this on a firewall.
> 
Doesn't this match exactly what's documented in the inet(4) manpage?

: IPCTL_FASTFORWARDING  (ip.fastforwarding) Boolean: enable/disable the use
:                       of fast IP forwarding code.  Defaults to off.  When
:                       fast forwarding is enabled, IP packets are for-
:                       warded directly to the appropriate network inter-
                               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
:                       face with a minimal validity checking, which
:                       greatly improves the throughput.  On the other
:                       hand, they bypass the standard procedures, such as
                              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
:                       IP option processing and ipfirewall(4) checking.
                                                 ^^^^^^^^^^
:                       It is not guaranteed that every packet will be
:                       fast-forwarded.

BTW, Wes, I'm still waiting for a working example of an indirect route
with also indirect gateway.  All I can get myself here with such a
route is:

arplookup 5.6.7.8 failed: host is not on local network
arpresolve: can't allocate llinfo for 5.6.7.8rt

where 5.6.7.8 is that indirect gateway.


Cheers,
-- 
Ruslan Ermilov		Oracle Developer/DBA,
ru@sunbay.com		Sunbay Software AG,
ru@FreeBSD.org		FreeBSD committer,
+380.652.512.251	Simferopol, Ukraine

http://www.FreeBSD.org	The Power To Serve
http://www.oracle.com	Enabling The Information Age

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message