FIB MFC
Igor Sysoev
is at rambler-co.ru
Thu Jul 24 16:33:07 UTC 2008
On Thu, Jul 24, 2008 at 08:33:09AM -0700, Julian Elischer wrote:
> Igor Sysoev wrote:
> >Julian, thank you for FIB. I have tried in on FreeBSD-7.
> >
> >I've found that ipfw does not know about setfib:
> >ipfw: invalid action setfib
> >
>
> Oh I have not finished MFC..
> will finish today..
>
> the svn server crashed last night .. :-/
> (or at least went very strange) while I was working on this so I
> went to bed.
>
>
>
> >Therefore I've added missing part from CURRENT.
> >Then I have tried the following configuration:
> >
> >vlan1: 10.0.0.100
> >vlan2: 192.168.1.100
> >
> >route add default 10.0.0.1
> >setfib 1 route add default 192.168.1.1
> >ipfw add setfib 1 ip from any to any in via vlan2
> >
> >I expected that outgoing packets of TCP connection established
> >via vlan2 will be routed to 192.168.1.1, but this did not happen.
> >The packets went to 10.0.0.1 via vlan1:
>
> no, while this doesmake sense, the fib is only used for outgoing
> packets and the fib of local sockets is set by the process that opens
> the socket. (either with setfib(2) or sockopt(SETFIB))
>
> I was thinking that it might be possible to tag a socket to accept the
> fib of the packet coming in, but if we do this, we should decide
> API to label a socket in this way..
I think it should be sysctl to globaly enable TCP FIB inheritance.
API is already exists: sockopt(SO_SETFIB) for listening socket.
> It is a n execellent idea however, and I don't know why I didn't
> do it already..
>
> >
> >tcp4 0 0 192.168.1.100.80 XXXXXXXXXX SYN_RCVD
> >tcp4 0 0 192.168.1.100.80 XXXXXXXXXX SYN_RCVD
> >tcp4 0 0 192.168.1.100.80 XXXXXXXXXX SYN_RCVD
> >
> >Can TCP connection inherit FIB from first SYN packet or not ?
>
> no but it is a good idea.
--
Igor Sysoev
http://sysoev.ru/en/
More information about the freebsd-net
mailing list