From owner-freebsd-net@FreeBSD.ORG Tue May 9 12:49:47 2006 Return-Path: X-Original-To: freebsd-net@FreeBSD.ORG Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0751816A419 for ; Tue, 9 May 2006 12:49:47 +0000 (UTC) (envelope-from olli@lurza.secnetix.de) Received: from lurza.secnetix.de (lurza.secnetix.de [83.120.8.8]) by mx1.FreeBSD.org (Postfix) with ESMTP id 40B1D43D69 for ; Tue, 9 May 2006 12:49:42 +0000 (GMT) (envelope-from olli@lurza.secnetix.de) Received: from lurza.secnetix.de (uvqlwx@localhost [127.0.0.1]) by lurza.secnetix.de (8.13.4/8.13.4) with ESMTP id k49CnYPv045252 for ; Tue, 9 May 2006 14:49:40 +0200 (CEST) (envelope-from oliver.fromme@secnetix.de) Received: (from olli@localhost) by lurza.secnetix.de (8.13.4/8.13.1/Submit) id k49CnYOZ045251; Tue, 9 May 2006 14:49:34 +0200 (CEST) (envelope-from olli) Date: Tue, 9 May 2006 14:49:34 +0200 (CEST) Message-Id: <200605091249.k49CnYOZ045251@lurza.secnetix.de> From: Oliver Fromme To: freebsd-net@FreeBSD.ORG In-Reply-To: <4460207A.9050505@elischer.org> X-Newsgroups: list.freebsd-net User-Agent: tin/1.8.0-20051224 ("Ronay") (UNIX) (FreeBSD/4.11-STABLE (i386)) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-2.1.2 (lurza.secnetix.de [127.0.0.1]); Tue, 09 May 2006 14:49:40 +0200 (CEST) Cc: Subject: Re: vrf support in FreeBSD X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: freebsd-net@FreeBSD.ORG List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 May 2006 12:49:47 -0000 Julian Elischer wrote: > Pramod Srinivasan wrote: > > I am curious to know if there is any plans to support multiple routing > > tables in FreeBSD's official release? > > I am doing some small bits of work on this.. > > how do you want to select which table should be used? > (This is more of a 'survey' as I am trying to work out what I should > support) It would be extremely useful if the routing table could be a per-process variable which is inherited by child processes. That way it would be possible, for example, to start Apache with its own routing table (which would be inherited by CGIs and other programs exec'ed by Apache). Another approach would be to assign a routing table to a jail. However, for me personally, jails are currently not very useful because they can only have one IP. That limitation would have to be lifted first. I would also like to have better control over the source IP of outgoing connections. I often have a lot of IP addresses configured on an interface which are assigned to different services (possibly belonging to different customers, i.e. they need to be accounted separately). Currently, the only generic way to force programs to use a certain source IP is to put them into a jail, but again, I often need multiple IPs for a service so it doesn't work with jails. Same problem as above. Just my 2 cents (since you asked for it). :-) Best regards Oliver -- Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing Dienstleistungen mit Schwerpunkt FreeBSD: http://www.secnetix.de/bsd Any opinions expressed in this message may be personal to the author and may not necessarily reflect the opinions of secnetix in any way. "The last good thing written in C was Franz Schubert's Symphony number 9." -- Erwin Dieterich