Date: Tue, 28 Jun 2005 13:10:10 +0200 From: Milan Obuch <net@dino.sk> To: freebsd-net@freebsd.org Subject: Re: Julian's netowrking challenge 2005 Message-ID: <200506281310.12252.net@dino.sk> In-Reply-To: <200506281238.04373.max@love2party.net> References: <42C0DB3B.6000606@elischer.org> <20050628102728.GZ1283@obiwan.tataz.chchile.org> <200506281238.04373.max@love2party.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tuesday 28 June 2005 12:37, Max Laier wrote: > On Tuesday 28 June 2005 12:27, Jeremie Le Hen wrote: > > > Wouldn't a more general approach be better. e.g. a way to "tag" a > > > packet before it is sent to divert and a matching tag-lookup that can > > > do further action. This would make it very easy to do all kinds of > > > stuff that needs to know the original address instead of the translated > > > one while avoiding code duplication. > > > > Having the possibility to tag a packet would be worth indeed. But I > > think that Milan wants to bring network stack virtualization in > > newer release of FreeBSD IIUC. This would be, IMO, a great improvement > > of FreeBSD networking, although I'm pretty sure this would make Netgraph > > people react a bit ;-). > > Stack virtualization is independent of this. All I am trying to say here, > is that I think it is better to have a general mechanism to do thing like > that, instead of a special solution for fwd (i.e. set-nexthop). > We agree on this. Tagging and virtualization are independent and solve different purposes. My reaction was to post mentioning request caused from various limitations/deficiences, namely lack of multiple routing tables support. > > > pf does something along these lines in case you are looking for > > > references. > > > > Would it be possible to share this tag among pf and ipfw ? > > Sure, it's a simple mbuf tag with a (at this point) 16bit cookie. The > downside of this approach is that you need to malloc the tag, but on the > other hand it's even more complicated for set-nexthop where you need to > allocate a route and maybe even hold it for some time and make sure you > properly GC it ... tags seem way simpler to me. Agreed. I am far from being networking code guru, so maybe this question sounds stupid, but could not this cookie be allocated when packet enters system? Maybe optionally... Milan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200506281310.12252.net>