synchronising information between kernel modules

[Artis Caune]

I would like to hear some ideas about how to synchronise information 
over network between two or more kernel modules.



Topology:

We have to FreeBSD boxes, which sit between two cisco switches and do 
traffic policy(shaping).
Switches are connected with GigaChannel link (two physical links) and 
load balance traffic based on src,dst IP address.
FreeBSD boxes sit between each physical GigaChannel link.


Kernel module:

It simpy pass or drop packets and increment counters.
After every pass or drop or configuration change I need to tell other 
boxes about this action.




I can use multicasts, like pfsync does, but multicasts are not reliable. 
If pfsync update is lost, it will be updated in next update or state 
time out. If our update is lost, specialy configuration update, bad 
things can happen. And there is problem with registering this module as 
kernel level multicast protocol - need to modify kernel sorurce and 
recompile.

I can use ip_output and catch it on other box with pfil hooks, but it's 
not reliable. Maybe some kind of send_update + wait_for_ack option?


I can also use userland daemon which establish conection with all peers 
and send/receive updates. Updates must be copied between kernel and 
userland.