svn commit: r233846 - head/sys/contrib/pf/net
Ermal Luçi
eri at freebsd.org
Tue Apr 3 18:30:42 UTC 2012
You are sure that the defer feature is linked only to active-active?
2012/4/3 Gleb Smirnoff <glebius at freebsd.org>:
> On Tue, Apr 03, 2012 at 06:09:21PM +0000, Gleb Smirnoff wrote:
> T> Author: glebius
> T> Date: Tue Apr 3 18:09:20 2012
> T> New Revision: 233846
> T> URL: http://svn.freebsd.org/changeset/base/233846
> T>
> T> Log:
> T> Since pf 4.5 import pf(4) has a mechanism to defer
> T> forwarding a packet, that creates state, until
> T> pfsync(4) peer acks state addition (or 10 msec
> T> timeout passes).
> T>
> T> This is needed for active-active CARP configurations,
> T> which are poorly supported in FreeBSD and arguably
> T> a good idea at all.
> T>
> T> Unfortunately by the time of import this feature in
> T> OpenBSD was turned on, and did not have a switch to
> T> turn it off. This leaked to FreeBSD.
> T>
> T> This change make it possible to turn this feature
> T> off via ioctl() and turns it off by default.
>
> Fortunately, we got an unused field in struct pfsyncreq,
> so this commit doesn't break ioctl() ABI, and this is
> mergeable.
>
> --
> Totus tuus, Glebius.
--
Ermal
More information about the svn-src-all
mailing list