GRE Mux

[Ermal Luçi]

On Fri, Mar 21, 2008 at 4:47 PM, Brett Glass <brett at lariat.net> wrote:
> Everyone:
>
>  I have recently been building FreeBSD VPN servers which can accept
>  50 to 100 PPTP connections. PPTP is, essentially, PPP over GRE
>  (with a TCP control connection), so we have large numbers of
>  packets passing in and out using GRE. Unfortunately, GRE on FreeBSD
>  doesn't currently have a multiplexing function as does TCP. If
>  userland PPP and pptpd are used to handle the PPTP sessions, each
>  GRE packet is passed to the first pptpd process. If the call ID
>  doesn't match, it's passed to the next, and then the next, and so
>  on. What's more, each test requires a "bounce" into and out of the
>  kernel. mpd, which uses netgraph, does more of the work within the
>  kernel, but the testing still takes place in linear time -- and the
>  potential delay increases with the number of PPTP sessions that
>  have been established. The packet is bounced from one netgraph node
>  to another until one of them accepts it or the packet falls off the
>  end of the chain.
>
>  It seems to me that it might be worth it to implement a
>  multiplexing function that dispatches the packet directly to the
>  right process or netgraph node rather than passing it from hand to
>  hand. Thoughts?
>

ng_gif_demux does the same it shouldn't be to hard to come with
something similar for pptp.
If you find the time and do it please share.

>  --Brett Glass
>
>  _______________________________________________
>  freebsd-net at freebsd.org mailing list
>  http://lists.freebsd.org/mailman/listinfo/freebsd-net
>  To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
>