From: Julian Elischer
Date: Tue, 02 Jan 2001 06:53:37 -0800
To: Wes Peters
Cc: "C. Stephen Gunn", "freebsd-net@FreeBSD.ORG"
Subject: Re: Problems with VLAN and natd.
Message-ID: <3A51EB71.8286709E@elischer.org>
References: <200101020501.AAA58976@tsunami.waterspout.com> <3A517429.91B2F251@softweyr.com>

Wes Peters wrote:
>
> "C. Stephen Gunn" wrote:
> >
> > On Sun, 31 Dec 2000 19:54:19 PST, Julian Elischer wrote:
> >
> > > > The current VLAN (and Ethernet) implementation in FreeBSD needs work.
> > > > FreeBSD should handle multiple ethernet encapsulations on
> > > > the same physical interface, and relay packets to/from some subordinate
> > > > interface. This support would factor-out the need for current
> > > > work-arounds like if_vlan, and if_ef, and perhaps even if_tap.
> > >
> > > sounds like a perfect use for netgraph..
> >
> > I've thought about this, and a migration to netgraph would
> > require significant changes to how FreeBSD handles Ethernet (and
> > other IEEE 802) interfaces.
> >
> > For example, you would no longer simply ``ifconfig xl'', but
> > associate a netgraph link-layer node on top of the xl interface,
> > and a netgraph interface node on top of the link-layer node, which
> > would function (mostly) like xl does now.
> >
> > Netgraph is an excellent technology. While your comment makes
> > sense, there are several issues that will need to be addressed.
> > For instance, the current ARP implementation in FreeBSD is
> > entangled with the generic ethernet code.
>
> Under netgraph, it would be just another protocol in a netgraph node,
> and could be added to (and removed from) the interface as needed. That
> would be interesting from the standpoint of a secure system over which
> you wanted to control the ARP entries. Being able to simply turn off
> dynamic ARP has been discussed often, but never really acted upon.
>
> Doing link-layer encapsulation modules is really not very difficult.
> I've written pretty much the full complement, covering ethernet (10,
> 100, and 1000), FDDI/CDDI, token ring, ATM, and Frame Relay. (Chuck,
> I can identify that protocol in 20 instructions.)

Under netgraph it's a real SNAP (I can't believe I said that)

>
> > I'm afraid to even contemplate the POLA and backward compatibility
> > issues involved.
>
> Why would we need to violate POLA? The obvious default would be to
> extend ifconfig to configure the new protocol types, and to assume
> EthII framing unless explicitly specified.

send only new protocols out to netgraph.. no POLA to break.

>
> > If this discussion is non-casual, we should eventually migrate
> > it over to -arch.
>
> Perhaps so. If someone does the work to move EthII into netgraph, I can
> certainly contribute a SNAP/LLC module, and maybe even extensions to
> ifconfig so you can use it. ;^)

have a look at the ng_ether node.

>
> --
>         "Where am I, and what am I doing in this handbasket?"
>
> Wes Peters                                        Softweyr LLC
> wes@softweyr.com                          http://softweyr.com/

-- 
      __--_|\  Julian Elischer
     /       \ julian@elischer.org
    (   OZ    ) World tour 2000
---> X_.---._/  from Perth, presently in:  Budapest
            v
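
The thread turns on telling several Ethernet encapsulations apart on one physical interface. As an added illustration (not code from this thread, from FreeBSD, or from netgraph), the C sketch below classifies a frame as Ethernet II, raw 802.3, 802.2 LLC or SNAP, with an optional single 802.1Q tag. The names `classify_frame` and `frame_info` and the sample frame are hypothetical, and a one-byte LLC control field is assumed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
enum encap { ENCAP_INVALID, ENCAP_ETHII, ENCAP_RAW_8023, ENCAP_LLC, ENCAP_SNAP };
struct frame_info {
    enum encap encap;
    int        vlan;     /* 802.1Q VLAN ID, or -1 if untagged */
    uint16_t   proto;    /* EtherType (EthII, SNAP) or DSAP (LLC), else 0 */
    size_t     payload;  /* offset of the encapsulated payload */
};
static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
/* Classify one frame (no preamble/FCS); every read is length-checked first. */
struct frame_info classify_frame(const uint8_t *f, size_t len)
{
    struct frame_info fi = { ENCAP_INVALID, -1, 0, 0 };
    size_t off = 12;                                  /* skip dst + src MAC */
    if (len < off + 2) return fi;
    uint16_t type = be16(f + off);
    if (type == 0x8100) {                             /* single 802.1Q tag */
        if (len < off + 6) return fi;
        fi.vlan = be16(f + off + 2) & 0x0fff;
        off += 4;
        type = be16(f + off);
    }
    off += 2;
    if (type >= 0x0600) {                             /* EtherType: Ethernet II */
        fi.encap = ENCAP_ETHII; fi.proto = type; fi.payload = off;
        return fi;
    }
    if (type > 1500 || len < off + 3) return fi;      /* bad length or truncated */
    if (f[off] == 0xff && f[off + 1] == 0xff) {       /* Novell raw 802.3 */
        fi.encap = ENCAP_RAW_8023; fi.payload = off;
    } else if (f[off] == 0xaa && f[off + 1] == 0xaa && f[off + 2] == 0x03) {
        if (len < off + 8) return fi;                 /* LLC(3) + OUI(3) + type(2) */
        fi.encap = ENCAP_SNAP; fi.proto = be16(f + off + 6); fi.payload = off + 8;
    } else {                                          /* 802.2 LLC, 1-byte control assumed */
        fi.encap = ENCAP_LLC; fi.proto = f[off]; fi.payload = off + 3;
    }
    return fi;
}

int main(void)
{
    /* Constructed sample: VLAN 5 tag, 802.3 length 8, SNAP header carrying IPv4 */
    const uint8_t f[] = { 2,0,0,0,0,1, 2,0,0,0,0,2, 0x81,0x00, 0x00,0x05,
                          0x00,0x08, 0xaa,0xaa,0x03, 0,0,0, 0x08,0x00 };
    struct frame_info fi = classify_frame(f, sizeof f);
    printf("encap=%d vlan=%d proto=0x%04x payload=%zu\n", (int)fi.encap, fi.vlan, (unsigned)fi.proto, fi.payload);
    return 0;
}
```

A truncated frame is reported as `ENCAP_INVALID` rather than parsed past its end, which is the property a demultiplexer sitting directly on the wire needs.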