On Sat, Jan 17, 2004 at 12:17:48PM +0800, Xin LI wrote: > As title. To my imagination (I have taken a sight on the kernel networking > code), the fastforwarding path is intended for routers only, so if I want > some functionalities, for example, NAT, the fastforwarding is not useful, > and my experiment shows that if I enable it, ipfilter's NAT will be broken. > Am I right? > > Thanks in advance! > Worse. From the inet(4) manpage,
: IPCTL_FASTFORWARDING (ip.fastforwarding) Boolean: enable/disable the use : of fast IP forwarding code. Defaults to off. When : fast forwarding is enabled, IP packets are for- : warded directly to the appropriate network inter- : face with a minimal validity checking, which : greatly improves the throughput. On the other : hand, they bypass the standard procedures, such as : IP option processing and ipfirewall(4) checking. : It is not guaranteed that every packet will be : fast-forwarded. Cheers, -- Ruslan Ermilov FreeBSD committer [EMAIL PROTECTED]
pgp00000.pgp
Description: PGP signature
