From: Łukasz Bromirski
Date: Sun, 25 Jun 2006 20:32:24 +0200
To: David Gilbert
Cc: 'Baldur Gislason', Christopher Martin, 'FreeBSD Net Mailing list'
Subject: Re: Multiple routes to the same destination

David Gilbert wrote:

> No. round-robin will deliver packets out-of-order. TCP will behave
> very badly with this (at the very least, smart selective-ack hosts
> will transmit a lot of selective-ack packets --- but dumb
> non-selective-ack hosts will start asking for a lot of
> retransmission). Other protocols' tolerance for OOO packets varies.

Yeah, but it will give You flexibility in doing what You want to do - for
example, sharing two leased lines, 2Mbit/s each. There are protocols
that will behave oddly when they encounter OOB traffic for TCP (like
some BGP implementations for example), but FTP and others tend generally
to accept some low percent of such traffic.

> Linux does all this with its flow table --- that is each 5-tuple of
> source ip,port dest ip,port (and protocol) is stored as a "flow" in a
> big hash table. The table stores things like the next-hop interface
> and destination.

Yes, but having an option to do it per-packet or per-flow would be
wonderful. We don't have anything usable today (not counting static
policy-based routing done via ipfw, pf or netgraph).

And as we all know, implementation of flow-based routing can be
optimized to counter DDoS threats - Linux already did that in 2.6.x,
as there is an option to compile the kernel with either FIB_HASH or FIB_TRIE.

-- 
"Confidence is what you have before you | Łukasz Bromirski
 understand the problem." -- Woody Allen | lukasz:bromirski,net
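The per-packet versus per-flow trade-off discussed in this thread, as an added example that is not part of the original message or of any FreeBSD or Linux code: a small simulation that sends three interleaved flows over two links and counts out-of-order arrivals under each policy. The link delays, addresses, function names and the keyed BLAKE2 hash (so link choice is not predictable to outside senders) are assumptions made for illustration.

```python
import hashlib
import os
from collections import defaultdict

# Constructed scenario: two equal-cost links whose one-way delays differ (ms).
LINK_DELAY_MS = [10.0, 14.0]
# Assumption: a per-boot secret keys the flow hash, so remote senders
# cannot choose 5-tuples that all land on one link or one hash bucket.
KEY = os.urandom(16)

def per_packet(index, flow):
    """Round-robin: consecutive packets alternate links, ignoring the flow."""
    return index % len(LINK_DELAY_MS)

def per_flow(index, flow):
    """Hash the 5-tuple so every packet of a flow takes the same link."""
    digest = hashlib.blake2b(repr(flow).encode(), key=KEY, digest_size=8).digest()
    return int.from_bytes(digest, "big") % len(LINK_DELAY_MS)

def deliver(packets, choose_link):
    """Return {flow: [seq, ...]} in arrival order for (send_ms, flow, seq) packets."""
    arrivals = sorted(
        (sent + LINK_DELAY_MS[choose_link(i, flow)], i, flow, seq)
        for i, (sent, flow, seq) in enumerate(packets)
    )
    order = defaultdict(list)
    for _, _, flow, seq in arrivals:
        order[flow].append(seq)
    return dict(order)

def reordered(order):
    """Count packets arriving after a higher sequence number of the same flow."""
    count = 0
    for seqs in order.values():
        highest = -1
        for seq in seqs:
            count += seq < highest
            highest = max(highest, seq)
    return count

def sample_packets():
    """Constructed traffic: 3 TCP flows, one packet per ms, interleaved."""
    flows = [("tcp", "192.0.2.10", 40000 + n, "198.51.100.5", 80) for n in range(3)]
    return [(float(t), flows[t % 3], t // 3) for t in range(30)]

if __name__ == "__main__":
    for policy in (per_packet, per_flow):
        late = reordered(deliver(sample_packets(), policy))
        print(f"{policy.__name__}: {late} out-of-order arrivals")
```

With a 4 ms delay difference and 1 ms packet spacing, round-robin reorders packets inside every flow, while the hashed policy keeps each flow in order at the cost of coarser load sharing.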