Date: Wed, 19 Dec 2012 17:22:30 +0100 From: Harald Schmalzbauer <h.schmalzbauer@omnilan.de> To: "Alexander V. Chernikov" <melifaro@ipfw.ru> Cc: freebsd-net@freebsd.org, freebsd-current@freebsd.org Subject: Re: [patch] permit fib to be set on interface Message-ID: <50D1E9C6.2030501@omnilan.de> In-Reply-To: <4DC695FC.3080700@ipfw.ru> References: <4DC695FC.3080700@ipfw.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigEE59BB3BDCF208BA0ACEC341 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable schrieb Alexander V. Chernikov am 08.05.2011 15:09 (localtime): > At the moment the only possible way to set packet fib from userland is > ipfw(8) setfib rule. Since no 'setfib tablearg' exists ruleset grows > with every fib. > Additionally, there is no way to set packet fib before netgraph > processing: L2 ipfw hook is called after ng_ether_input() > > Those reasons (not mentioning kern/134931) makes it hard to use multipl= e > routing tables. > > The following path: > * adds SIOCGIFIB/SIOCSIFIB ioctl(2) calls to get/set per-interface fib > * adds IFF_CUSTOMFIB interface flags > * adds ifi_fib field to if_data structure > * adds 'fib' keyword for ifconfig(8) > > Example: > 16:42 [0] zfscurr0# ifconfig vlan2 create inet 10.11.12.13/30 fib 15 > vlan 2 vlandev em0 > 16:42 [0] zfscurr0# ifconfig vlan2 > vlan2: flags=3D808843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,CUSTOMFIB>= > metric 0 mtu 1500 fib 15 > options=3D3<RXCSUM,TXCSUM> > ether 08:00:27:c5:29:d4 > inet 10.11.12.13 netmask 0xfffffffc broadcast 10.11.12.15 > inet6 fe80::a00:27ff:fec5:29d4%vlan2 prefixlen 64 scopeid 0x4 > nd6 options=3D21<PERFORMNUD,AUTO_LINKLOCAL> > media: Ethernet autoselect (1000baseT <full-duplex>) > status: active > vlan: 2 parent interface: em0 > > > Interface fib is applied on inbound only (for forwarded packets fib > decision should be done on inbound, for locally-originated packets ther= e > is setfib(1)) Could you please help me understanding the design? If I have a multihomed machine, with fib0 defaultrouter via nic0 and fib1 defaultrouter via nic1, and nic1 has fib1 assigned. What should happen if I connect to any service, by default assigned to fib0, but passing nic1? The incoming packet will be tagged with "FIB1", right? But does that affect the answer-path of services not assigned to fib1? If not, why would I want incoming packates tagged? Thanks, -Harry --------------enigEE59BB3BDCF208BA0ACEC341 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (FreeBSD) iEYEARECAAYFAlDR6cYACgkQLDqVQ9VXb8gKxgCgg9Tuxin5SIxXGvH+XezafTLM yZUAoIwVBzYFrBYZwfOv3agzzDNcvboL =kKRk -----END PGP SIGNATURE----- --------------enigEE59BB3BDCF208BA0ACEC341--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?50D1E9C6.2030501>