On 01/28/2012 02:12 AM, Weongyo Jeong wrote: > Hello Kip, > > I had looked flowtable code briefly and still not sure whether I > understand it correctly. At this moment I have a question. > > Is it possible to apply flowtable techniques for forwarding packets? If > I understand it right it looks it's impossible at current status because > flowtable is only applied when ro == NULL at ip_output(). Is it > intentional one? >
You can pass in a struct route filled in by a flowtable lookup in ip_output. I have made this change in a number of branches and I know at least one firewall is seeing good results from doing this. The one thing to be careful about is that the number of cached flows scales with the number of IPs and not the number of prefixes. Cheers, Kip _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
