Date: Sat, 28 Jan 2012 19:13:41 +0100 From: Kip Macy <kmacy@freebsd.org> To: freebsd-net@freebsd.org, weongyo@freebsd.org Subject: Re: a question about flowtable Message-ID: <4F243AD5.6070902@freebsd.org> In-Reply-To: <20120128011235.GC24242@wgj.corp.aryaka.com> References: <20120128011235.GC24242@wgj.corp.aryaka.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 01/28/2012 02:12 AM, Weongyo Jeong wrote: > Hello Kip, > > I had looked flowtable code briefly and still not sure whether I > understand it correctly. At this moment I have a question. > > Is it possible to apply flowtable techniques for forwarding packets? If > I understand it right it looks it's impossible at current status because > flowtable is only applied when ro == NULL at ip_output(). Is it > intentional one? > You can pass in a struct route filled in by a flowtable lookup in ip_output. I have made this change in a number of branches and I know at least one firewall is seeing good results from doing this. The one thing to be careful about is that the number of cached flows scales with the number of IPs and not the number of prefixes. Cheers, Kip
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4F243AD5.6070902>