On Thu, Jun 28, 2001 at 10:32:50PM +0200, Dag-Erling Smorgrav wrote:
> Wes Peters <[EMAIL PROTECTED]> writes:
> > The description there isn't very forthcoming. fastforwarding caches
> > the results of a route lookup for destination addresses that are not
> > on the local machine, and uses the cached route to short-circuit the
> > normal (relatively slow) route lookup process. The packet flows
> > directly from one layer2 input routine directly to the opposing
> > layer2 output routine without traversing the IP layer.
>
> And more importantly, without traversing ipfw or ipfilter. In other
> words, don't use this on a firewall.
>
Doesn't this match exactly what's documented in the inet(4) manpage?
: IPCTL_FASTFORWARDING (ip.fastforwarding) Boolean: enable/disable the use
: of fast IP forwarding code. Defaults to off. When
: fast forwarding is enabled, IP packets are for-
: warded directly to the appropriate network inter-
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
: face with a minimal validity checking, which
: greatly improves the throughput. On the other
: hand, they bypass the standard procedures, such as
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
: IP option processing and ipfirewall(4) checking.
^^^^^^^^^^
: It is not guaranteed that every packet will be
: fast-forwarded.
BTW, Wes, I'm still waiting for a working example of an indirect route
with also indirect gateway. All I can get myself here with such a
route is:
arplookup 5.6.7.8 failed: host is not on local network
arpresolve: can't allocate llinfo for 5.6.7.8rt
where 5.6.7.8 is that indirect gateway.
Cheers,
--
Ruslan Ermilov Oracle Developer/DBA,
[EMAIL PROTECTED] Sunbay Software AG,
[EMAIL PROTECTED] FreeBSD committer,
+380.652.512.251 Simferopol, Ukraine
http://www.FreeBSD.org The Power To Serve
http://www.oracle.com Enabling The Information Age
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
