From owner-freebsd-current@FreeBSD.ORG Wed Dec 19 16:22:34 2012 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id F2699A9A; Wed, 19 Dec 2012 16:22:33 +0000 (UTC) (envelope-from h.schmalzbauer@omnilan.de) Received: from host.omnilan.net (s1.omnilan.net [62.245.232.135]) by mx1.freebsd.org (Postfix) with ESMTP id 5CB788FC14; Wed, 19 Dec 2012 16:22:31 +0000 (UTC) Received: from titan.inop.wdn.omnilan.net (titan.inop.wdn.omnilan.net [172.21.3.1]) (authenticated bits=0) by host.omnilan.net (8.13.8/8.13.8) with ESMTP id qBJGQoRo065793 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 19 Dec 2012 17:26:50 +0100 (CET) (envelope-from h.schmalzbauer@omnilan.de) Message-ID: <50D1E9C6.2030501@omnilan.de> Date: Wed, 19 Dec 2012 17:22:30 +0100 From: Harald Schmalzbauer Organization: OmniLAN User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; de-DE; rv:1.9.2.8) Gecko/20100906 Lightning/1.0b2 Thunderbird/3.1.2 MIME-Version: 1.0 To: "Alexander V. Chernikov" Subject: Re: [patch] permit fib to be set on interface References: <4DC695FC.3080700@ipfw.ru> In-Reply-To: <4DC695FC.3080700@ipfw.ru> X-Enigmail-Version: 1.1.2 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enigEE59BB3BDCF208BA0ACEC341" Cc: freebsd-net@freebsd.org, freebsd-current@freebsd.org X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Dec 2012 16:22:34 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigEE59BB3BDCF208BA0ACEC341 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable schrieb Alexander V. Chernikov am 08.05.2011 15:09 (localtime): > At the moment the only possible way to set packet fib from userland is > ipfw(8) setfib rule. Since no 'setfib tablearg' exists ruleset grows > with every fib. > Additionally, there is no way to set packet fib before netgraph > processing: L2 ipfw hook is called after ng_ether_input() > > Those reasons (not mentioning kern/134931) makes it hard to use multipl= e > routing tables. > > The following path: > * adds SIOCGIFIB/SIOCSIFIB ioctl(2) calls to get/set per-interface fib > * adds IFF_CUSTOMFIB interface flags > * adds ifi_fib field to if_data structure > * adds 'fib' keyword for ifconfig(8) > > Example: > 16:42 [0] zfscurr0# ifconfig vlan2 create inet 10.11.12.13/30 fib 15 > vlan 2 vlandev em0 > 16:42 [0] zfscurr0# ifconfig vlan2 > vlan2: flags=3D808843= > metric 0 mtu 1500 fib 15 > options=3D3 > ether 08:00:27:c5:29:d4 > inet 10.11.12.13 netmask 0xfffffffc broadcast 10.11.12.15 > inet6 fe80::a00:27ff:fec5:29d4%vlan2 prefixlen 64 scopeid 0x4 > nd6 options=3D21 > media: Ethernet autoselect (1000baseT ) > status: active > vlan: 2 parent interface: em0 > > > Interface fib is applied on inbound only (for forwarded packets fib > decision should be done on inbound, for locally-originated packets ther= e > is setfib(1)) Could you please help me understanding the design? If I have a multihomed machine, with fib0 defaultrouter via nic0 and fib1 defaultrouter via nic1, and nic1 has fib1 assigned. What should happen if I connect to any service, by default assigned to fib0, but passing nic1? The incoming packet will be tagged with "FIB1", right? But does that affect the answer-path of services not assigned to fib1? If not, why would I want incoming packates tagged? Thanks, -Harry --------------enigEE59BB3BDCF208BA0ACEC341 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (FreeBSD) iEYEARECAAYFAlDR6cYACgkQLDqVQ9VXb8gKxgCgg9Tuxin5SIxXGvH+XezafTLM yZUAoIwVBzYFrBYZwfOv3agzzDNcvboL =kKRk -----END PGP SIGNATURE----- --------------enigEE59BB3BDCF208BA0ACEC341--