Best way for an app to accept traffic on 30,000+ interfaces?
Fleuriot Damien
ml at my.gd
Thu Mar 21 13:59:13 UTC 2013
On Mar 21, 2013, at 2:57 PM, Ermal Luçi <eri at freebsd.org> wrote:
>
>
>
> On Thu, Mar 21, 2013 at 2:54 PM, Fleuriot Damien <ml at my.gd> wrote:
>
> On Mar 21, 2013, at 9:25 AM, Ermal Luçi <eri at freebsd.org> wrote:
>
> > On Thu, Mar 21, 2013 at 1:59 AM, Mark D <markd-freebsd-net at bushwire.net>wrote:
> >
> >> (Hopefully this isn't too out-of-scope for this list..)
> >>
> >> I have an application in mind that I'd like to have accept/respond to
> >> UDP queries sent to perhaps 30K contiguous IP addresses (most likely
> >> IPV6 addresses because such ranges are easy to come by, but
> >> conceptually ipv4 as well).
> >>
> >> This would all be on a small number of FBSD instances.
> >>
> >> Though it could be done, I don't really want to create 30K interfaces
> >> and have the application bind 30K sockets as it's not clear if that
> >> will scale if I try an address range that expands to, say, 1M IPs
> >> wide.
> >>
> >> This address range would be internet-facing and responding to random
> >> remote clients.
> >>
> >> My first thought is to use SOCK_RAW in much the same way that natd
> >> does - at least to receive the traffic.
> >>
> >> Is that a sensible and viable approach or is there a better/easier
> >> way?
> >>
> >>
> >> Mark.
> >> _______________________________________________
> >> freebsd-net at freebsd.org mailing list
> >> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> >> To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
> >>
> >
> >
> > How about firing up one of the firewall/pfil(9) consumers like (ipfw/pf)
> > and adding rules to redirect traffic to a socket bound on loopback?
> >
> > --
> > Ermal
>
>
> I fail to see how that's different from what I suggested with PF's rdr rule ?
>
> I never saw the e-mail in this thread!
Find below a copy of the text I posted :
==
Use PF ? :p
Rdr quick on $wan inet6 proto udp from any to 2001:1234::1/120 port 12345 tag uwin -> ::1
Pass in quick on $wan inet6 proto udp tagged $uwin
That's a bit dirty though, using PAT on ip6...
==
Here you go.
From what I understand, that would be pretty similar to what you suggested, aye ?
More information about the freebsd-net
mailing list