Date: Wed, 11 May 2005 00:25:49 +0200 From: Jeremie Le Hen <jeremie@le-hen.org> To: Maksim Yevmenkin <maksim.yevmenkin@savvis.net> Cc: yongari@rndsoft.co.kr Subject: Re: [PATCH] Re: tap interface and locally generated packets Message-ID: <20050510222549.GP91329@obiwan.tataz.chchile.org> In-Reply-To: <4280F1C6.2030009@savvis.net> References: <20050510004847.GA4990@rndsoft.co.kr> <4280F1C6.2030009@savvis.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> if you think that porting OpenBSD/NetBSD bridge driver is a good idea > you are welcome to submit the patches. imo, it should be possible to fix > this in our current bridge(4) implementation. bridge(4) knows where > packet is coming from and going to. it could check hardware capabilities > of the destination interface and calculate checksums if needed. This is a little bit off-topic but I strongly support import of if_bridge(4). AFAIK the latter supports spanning-tree protocol whereas our bridge(4) doesn't. I also prefer if_bridge(4) in that I find that having a common bridge implementation among all BSDs is a good thing as we will benefit from others' improvements. The pf(4) firewall is now a good example of such a collaboration. For example, one FreeBSD src commiter supplied a patch to enable matching the ruid of the process from which the packet come from [1] (I don't know however if Max Laier submitted it to Daniel Hartmeier). And for my very personnal feeling, I find having a dedicated interface representing the whole bridge is more intuitive than choosing arbitrarily one interface among the ones composing the bridge to handle the IP address(es). I also think that brconfig(8) is more intuitive than a sysctl to configure a bridge, or at least it is scriptable more easily. However, if if_bridge(4) is imported someday in FreeBSD, I suspect brconfig(8) will have to be modified to become one module of ifconfig(8), as Sam Leffler recently modified ifconfig(8) to greatly simplify feature addition (and all special network commands now complete their life into ifconfig(8), as a module). A brief look at if_bridge(4) code in OpenBSD source tree shows that the current problem of IP/TCP/UDP hardware checksuming seems to be handled (see src/sys/net/if_bridge.c rev 1.143, line 962), but in a very radical way : it simply drops the packet :-). However, NetBSD's if_bridge(4) source is radically different from OpenBSD's one, because it has been heavily modified by Jason Thorpe when he imported it into NetBSD. It seems that rev 1.26 solved the problem of checksum offloading. Finally, FYI, Andrew Thompson began to port if_bridge(4) to FreeBSD [2] but there were still a few bugs and I don't know at all if he has got enough time to work on it since then (it seems so as the file modification date is 2005/05/03). Unfortunately this patch seems to be based on rev 1.21 of NetBSD's if_bridge.c, this is a little bit old. Best regards, [1] http://mu.org/~mux/patches/pf.patch [2] http://lists.freebsd.org/pipermail/freebsd-current/2004-April/025886.html -- Jeremie Le Hen < jeremie at le-hen dot org >< ttz at chchile dot org >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050510222549.GP91329>