running out of mbufs?

Milan Obuch net at dino.sk
Mon Aug 8 16:12:20 GMT 2005 

On Monday 08 August 2005 17:57, Marko Zec wrote:
> On Monday 08 August 2005 12:32, Andre Oppermann wrote:
> > Dave+Seddon wrote:
> > > BTW, I'd be interested to know people's thoughts on multiple IP
> > > stacks on FreeBSD.  It would be really cool to be able to give a
> > > jail it's own IP stack bound to a VLAN interface.  It could then be
> > > like a VRF on Cisco.
> >
> > There is a patch doing that for FreeBSD 4.x.  However while
> > interesting it is not the way to go.  You don't want to have multiple
> > parallel stacks but just multiple routing tables and interface groups
> > one per jail. This gives you the same functionality as Cisco VRF but
> > is far less intrusive to the kernel.
>
> Andre,
>
> the stack virtualization framework for 4.x is based precisely on
> introducing multiple routing tables and interface groups.  In order to
> cleanly implement support for multiple independent interface groups,
> one has to touch both the link and network layers, not forgetting the
> ARP stuff... and in no time you have ended up with a huge and intrusive
> diff against the original network stack code.
>
> So I see no point in pretending we could get such a functionality for
> free, i.e. with only a negligible intrusiveness to the kernel code.  A
> more appropriate question would be whether the potential benefits of
> having multiple stack state instances could outweight the trouble and
> damage associated with the scope of required modifications to the
> kernel code tree.  Only if we could get an affirmative answer to that
> question it would make sense to start thinking / debating on the most
> appropriate methodology to (re)implement the multiple stacks framework.
>
> Cheers,
>
> Marko

I did use Marko's patch for some time with great success. I feel it would be 
really great to be able to use something similar in new releases.
It is really like cisco's vrf. I used it for multi-VPN monitoring/management. 
There is nothing comparable currently - user mode linux is too resource 
consuming, other methods are not so easy to use...
If anyone knows the way to put virtual stacks into newer FreeBSD, I am eager 
to test it. For my current task (multi-VPN monitoring/management, again) I 
will use this, again.
Regards,
Milan

More information about the freebsd-net mailing list