GRE Mux

[Julian Elischer]

Brett Glass wrote:
> Everyone:
> 
> I have recently been building FreeBSD VPN servers which can accept 50 to 
> 100 PPTP connections. PPTP is, essentially, PPP over GRE (with a TCP 
> control connection), so we have large numbers of packets passing in and 
> out using GRE. Unfortunately, GRE on FreeBSD doesn't currently have a 
> multiplexing function as does TCP. If userland PPP and pptpd are used to 
> handle the PPTP sessions, each GRE packet is passed to the first pptpd 
> process. If the call ID doesn't match, it's passed to the next, and then 
> the next, and so on. What's more, each test requires a "bounce" into and 
> out of the kernel. mpd, which uses netgraph, does more of the work 
> within the kernel, but the testing still takes place in linear time -- 
> and the potential delay increases with the number of PPTP sessions that 
> have been established. The packet is bounced from one netgraph node to 
> another until one of them accepts it or the packet falls off the end of 
> the chain.
> 
> It seems to me that it might be worth it to implement a multiplexing 
> function that dispatches the packet directly to the right process or 
> netgraph node rather than passing it from hand to hand. Thoughts?

if it takes you more than 1 day to write a netgraph function to do it 
you are taking too many coffee breaks.

mpd could probably do it automatically as it already does a lot of
netgraph munging.


> 
> --Brett Glass
> 
> _______________________________________________
> freebsd-net at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"