From owner-freebsd-net@FreeBSD.ORG  Sun Dec 25 19:45:11 2011
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id E0C071065670
	for <freebsd-net@freebsd.org>; Sun, 25 Dec 2011 19:45:11 +0000 (UTC)
	(envelope-from ptyll@nitronet.pl)
Received: from mail.nitronet.pl (smtp.nitronet.pl [195.90.106.27])
	by mx1.freebsd.org (Postfix) with ESMTP id 95C268FC13
	for <freebsd-net@freebsd.org>; Sun, 25 Dec 2011 19:45:11 +0000 (UTC)
Received: from mailnull by mail.nitronet.pl with virscan (Exim 4.76 (FreeBSD))
	(envelope-from <ptyll@nitronet.pl>) id 1Reu0M-000DPo-Rc
	for freebsd-net@freebsd.org; Sun, 25 Dec 2011 20:45:10 +0100
Date: Sun, 25 Dec 2011 20:44:55 +0100
From: Pawel Tyll <ptyll@nitronet.pl>
X-Priority: 3 (Normal)
Message-ID: <1634551546.20111225204455@nitronet.pl>
To: "Alexander V. Chernikov" <melifaro@FreeBSD.org>
In-Reply-To: <4EF7719A.8020902@FreeBSD.org>
References: <1674097252.20111218125051@nitronet.pl>
	<4EEDD566.8020609@FreeBSD.org> <20111220163355.GA87584@DataIX.net>
	<4EF73A4A.3050902@FreeBSD.org>
	<1413850829.20111225184712@nitronet.pl>
	<AA3C6FCC-0817-4108-A107-3367A6F14757@lists.zabbadoz.net>
	<4EF7719A.8020902@FreeBSD.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: Nitronet.pl
X-SA-Exim-Connect-IP: <locally generated>
X-SA-Exim-Mail-From: ptyll@nitronet.pl
X-SA-Exim-Scanned: No (on mail.nitronet.pl); SAEximRunCond expanded to false
Cc: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>, freebsd-net@freebsd.org,
	"Andrey V. Elsukov" <ae@FreeBSD.org>, freebsd-ipfw@freebsd.org,
	Jason Hellenthal <jhell@DataIX.net>
Subject: Re: IPFW eXtended tables [Was: Re: IPFW tables, dummynet and IPv6]
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 25 Dec 2011 19:45:12 -0000

> At the moment maximum number of tables remains the same however it is
> now possible to define IPFW_TABLES_MAX to 65k without much (memory)
> overhead. Since pointer to tables are stored in array, defining 2^32
> tables require 4G * (8+8+1) memory for pointers only.
65k  is  also  a  good amount. Gives me 10 tables per vlan. :)

> By the way, I see two possible syntax changes for interface tables:
> ipfw add .. skipto tablearg ip from any to any lookup
> <src-iface|dst-iface|iface>
> or
> ipfw add .. skipto tablearg ip from any to any recv|xmit|via table(X)
> Personally I like 'lookup' variant.
recv|xmit|via  is  in  the  ipfw  spirit, so while personal tastes are
always important, I would personally keep it consistent.