Date: Sun, 25 Dec 2011 19:20:33 +0000 From: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> To: Alexander V. Chernikov <melifaro@FreeBSD.org> Cc: Pawel Tyll <ptyll@nitronet.pl>, "Andrey V. Elsukov" <ae@FreeBSD.org>, Jason Hellenthal <jhell@DataIX.net>, freebsd-ipfw@freebsd.org, freebsd-net@freebsd.org Subject: Re: IPFW eXtended tables [Was: Re: IPFW tables, dummynet and IPv6] Message-ID: <762A1F72-F7F2-4076-BD9B-49E0DDE32643@lists.zabbadoz.net> In-Reply-To: <4EF7719A.8020902@FreeBSD.org> References: <1674097252.20111218125051@nitronet.pl> <4EEDD566.8020609@FreeBSD.org> <20111220163355.GA87584@DataIX.net> <4EF73A4A.3050902@FreeBSD.org> <1413850829.20111225184712@nitronet.pl> <AA3C6FCC-0817-4108-A107-3367A6F14757@lists.zabbadoz.net> <4EF7719A.8020902@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 25. Dec 2011, at 18:55 , Alexander V. Chernikov wrote:
> Bjoern A. Zeeb wrote:
>> On 25. Dec 2011, at 17:47 , Pawel Tyll wrote:
>>=20
>>> Hi Alexander,
>>>=20
>>>> Changes:
>>>> * Tables (actually, radix trees) are now created/freed on demand.
>>> Does this mean IPFW_TABLES_MAX can now be safely set to =
arbitrarily
>>> high number that would allow flexible numbering of tables? =
Arbitrarily
>>> high being 0xFFFFFFFF or some other nice large number that won't =
step
>>> on my ideas :)
> At the moment maximum number of tables remains the same however it is
> now possible to define IPFW_TABLES_MAX to 65k without much (memory)
> overhead. Since pointer to tables are stored in array, defining 2^32
> tables require 4G * (8+8+1) memory for pointers only.
>>=20
>> which also gets us to the point that the man page need to be updated =
along
>> with the same changes and I cannot see that as part of the diff.
> Sure. This is actually the first part of commit, interface table =
changes
> and proper ipv6 'lookup' keyword support requires another change that
> is planned to be committed separately (with man page update)
>=20
>=20
> By the way, I see two possible syntax changes for interface tables:
changes or additions? Try not to break old config files please if not =
needed.
>=20
> ipfw add .. skipto tablearg ip from any to any lookup
> <src-iface|dst-iface|iface>
> or
> ipfw add .. skipto tablearg ip from any to any recv|xmit|via table(X)
>=20
> Personally I like 'lookup' variant.
>=20
>>=20
>> /bz
>>=20
>=20
>=20
--=20
Bjoern A. Zeeb You have to have visions!
Stop bit received. Insert coin for new address family.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?762A1F72-F7F2-4076-BD9B-49E0DDE32643>