cvs commit: src/sys/netinet ip_fastfwd.c ip_input.c ip_var.h
sam at errno.com
Sat May 8 11:26:52 PDT 2004
On Saturday 08 May 2004 08:25 am, Darren Reed wrote:
> On Fri, May 07, 2004 at 07:55:36AM -0700, Sam Leffler wrote:
> > Employing a packet filter is not equivalent as it requires every packet
> > to be processed while this (effectively 7-line change) adds no new
> > overhead to the normal processing path for packets. It would be nice if
> > packet filtering were cheap enough that we could use it in this way but I
> > don't think that's the case just yet.
> Using that argument, is that clearance to put all of the normalization
> from pf into the various parts of the networking code (not every type of
> normalisation needs to be done on every packet but it is all useful), with
> sysctls to turn it on or off, and maybe we'll add the ability to log
> packets at various points because we don't want the overhead of BPF (it has
> to process every packet too) and that's just for starters. I'm sure I can
> think of some more, in time. How about you?
I'm sensitive to the argument about duplicating functionality but I'll repeat
again I consider this change worthwhile. To require each and every system
configure a packet filter to get equivalent functionality is overkill IMO and
is the reason I agreed with the change. If this were useful only for machines
doing packet forwarding then I'd agree that it's duplicate functionality and
better handled by a packet filter that would already be present in the
system. However I expected it would be used by many/most endpoint systems
that weren't necessarily using a packet filter. Further, if you can argue
the default setting will rarely be changed then I'd agree that it's not worth
keeping, but I felt otherwise--that folks would want to change the default
setting to something else.
> If there were a core@ for freebsd that was active, this is the kind of
> thing I'd be writing to them about, asking for it to be backed out.
Technical disputes of this sort are supposed to be passed to the TRB. I
personally don't see the change as important enough to argue about--I haven't
heard Andre weigh in, but I figured he'd just back it out.