a question about flowtable
Kip Macy
kmacy at freebsd.org
Sat Jan 28 18:13:43 UTC 2012
On 01/28/2012 02:12 AM, Weongyo Jeong wrote:
> Hello Kip,
>
> I had looked flowtable code briefly and still not sure whether I
> understand it correctly. At this moment I have a question.
>
> Is it possible to apply flowtable techniques for forwarding packets? If
> I understand it right it looks it's impossible at current status because
> flowtable is only applied when ro == NULL at ip_output(). Is it
> intentional one?
>
You can pass in a struct route filled in by a flowtable lookup in
ip_output. I have made this change in a number of branches and I know at
least one firewall is seeing good results from doing this. The one thing
to be careful about is that the number of cached flows scales with the
number of IPs and not the number of prefixes.
Cheers,
Kip
More information about the freebsd-net
mailing list