10gbps scalability (was: Re: FreeBSD problems and preliminary
ways to solve)
Poul-Henning Kamp
phk at phk.freebsd.dk
Sat Aug 20 14:27:40 UTC 2011
In message <alpine.BSF.2.00.1108201234280.4529 at fledge.watson.org>, Robert Watso
n writes:
>Part of the key here will be reworking things like ipfw(4)
Here is how to do it:
Compile IPFW rules to C-code, compile C-code to KLD, load KLD and hook
the firewall rules.
If the C-code is designed smartly, the C-compiler can optimize to
insanely efficient code.
The same semantics as today can be preserved with respect to counters
and dynamic addition/removal of rules, with a little bit of creative
thinking about data structures.
Somebody[tm] did that long ago, but never contributed the patches back
once The Mgt[tm] realized what performance we were talking about.
--
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
More information about the freebsd-arch
mailing list