Date: Fri, 09 Sep 2005 18:50:05 +0200 From: Andre Oppermann <andre@freebsd.org> To: Sam Leffler <sam@errno.com> Cc: freebsd-net@freebsd.org Subject: Re: net.inet.ip.forwarding and net.inet.ip.fastforwarding Message-ID: <4321BD3D.66417FA6@freebsd.org> References: <20050908221115.038c3abd.lists@yazzy.org> <004701c5b4df$9207d260$1200a8c0@gsicomp.on.ca> <4320EDDF.6090303@errno.com> <20050909054110.08pqjx9bi884c0sg@mail.bafirst.com> <4321BA08.9060500@errno.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Sam Leffler wrote: > > eculp@bafirst.com wrote: > > Quoting Sam Leffler <sam@errno.com>: > > > >> Matt Emmerton wrote: > >> > >>>> Hi guys. > >>>> > >>>> What's the difference between net.inet.ip.forwarding and > >>> > >>> > >>> net.inet.ip.fastforwarding ? > >>> > >>>> What's the role of net.inet.ip.fastforwarding ? > >>> > >>> > >>> > >>>> From inet(4): > >>> > >>> > >>> IPCTL_FORWARDING (ip.forwarding) Boolean: enable/disable > >>> forwarding > >>> of IP packets. Defaults to off. > >>> > >>> IPCTL_FASTFORWARDING (ip.fastforwarding) Boolean: > >>> enable/disable the > >>> use > >>> of fast IP forwarding code. Defaults to off. > >>> When > >>> fast forwarding is enabled, IP packets are > >>> for- > >>> warded directly to the appropriate network > >>> inter- > >>> face with a minimal validity checking, which > >>> greatly improves the throughput. On the > >>> other > >>> hand, they bypass the standard procedures, > >>> such > >>> as > >>> IP option processing and ipfirewall(4) > >>> checking. > >>> It is not guaranteed that every packet > >>> will be > >>> fast-forwarded. > >>> > >> > >> This quote is out of date; on current fastforwarding is purely an > >> optimization path--if the packet requires features not supported by > >> the fast path then it's processed normally. > > > > > > Maybe I should have another ristreto before asking this, but based on > > what I understand from this thread and speaking of current 7.0: > > > > a. I would set both in sysctl.conf > > net.inet.ip.forwarding=1 > > net.inet.ip.fastforwarding=1 > > b. There would be no "down side" in current 7.0 > > > > Is this more or less correct? If so, will this posibly be the case in > > the 6.0 release also or only in current? > > 6.0 and 7.x share the same code so the settings are identical. As to > downside you pay a penalty if the fastforwarding code has to hand the > packet back to the "slow path". There may also be side effects from the > run-to-completion model it uses. You should test to decide if the > feature is worth enabling for your environment. I'm not sure it's had > much testing (Andre?). When activated on a router it gives a very nice speed boost. Process completion pays off very well here. It has got a lot of testing at various ISP's on their production routers. For hosts it doesn't really hurt but is totally pointless. -- Andre
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4321BD3D.66417FA6>