Julian's netowrking challenge 2005

Tue Jun 28 10:38:09 GMT 2005

On Tuesday 28 June 2005 12:27, Jeremie Le Hen wrote:
> > Wouldn't a more general approach be better.  e.g. a way to "tag" a packet
> > before it is sent to divert and a matching tag-lookup that can do further
> > action.  This would make it very easy to do all kinds of stuff that needs
> > to know the original address instead of the translated one while avoiding
> > code duplication.
>
> Having the possibility to tag a packet would be worth indeed.  But I
> think that Milan wants to bring network stack virtualization in
> newer release of FreeBSD IIUC.  This would be, IMO, a great improvement
> of FreeBSD networking, although I'm pretty sure this would make Netgraph
> people react a bit ;-).

Stack virtualization is independent of this.  All I am trying to say here, is 
that I think it is better to have a general mechanism to do thing like that, 
instead of a special solution for fwd (i.e. set-nexthop).

> > pf does something along these lines in case you are looking for
> > references.
>
> Would it be possible to share this tag among pf and ipfw ?

Sure, it's a simple mbuf tag with a (at this point) 16bit cookie.  The 
downside of this approach is that you need to malloc the tag, but on the 
other hand it's even more complicated for set-nexthop where you need to 
allocate a route and maybe even hold it for some time and make sure you 
properly GC it ... tags seem way simpler to me.

-- 
/"\  Best regards,                      | mlaier at freebsd.org
\ /  Max Laier                          | ICQ #67774661
 X   http://pf4freebsd.love2party.net/  | mlaier at EFnet
/ \  ASCII Ribbon Campaign              | Against HTML Mail and News
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-net/attachments/20050628/c4cb3d4e/attachment.bin