> In FreeBSD, do you intend to add the equivalent filter rules > automatically somewhere? Or to document that it is necessary and that > the administrator should do so by hand? If the former, then let's > figure out a good mechanism to hook in. Perhaps we should add a pair > of "netdev" functions for disabling and re-enabling default network > stack behavior, that dpif-netdev could call on adding and removing > port and could be implemented appropriately for Linux and for FreeBSD. > > What do you think?
Our eventual goal is to use the netmap[1] framework on FreeBSD. It has a library largely compatible with libpcap (so uses the same netdev-bsd.c), but netmap never passes packets up the stack unless the application explicitly does so. So we'll need a firewall rule if using base BPF, but don't need one with netmap. It seems to me that the primary use of the Linux userspace mode is for testing or prototyping and isn't intended to be a production interface; if that's the case then I'd say just documenting the behaviour and suggesting the admin install the firewall rule is reasonable. [1] http://info.iet.unipi.it/~luigi/netmap/ -Ed _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
