patric conant wrote:
> This seems relevant to a lot of interest. > commit 3a0038bfb239dd522057809c52d7d23dd2134c38 > Author: Matthew Dillon <dillon at apollo.backplane.com > <http://lists.dragonflybsd.org/mailman/listinfo/commits>> > Date: Thu Jun 26 20:40:32 2014 -0700 > > pf - make the bulk of PF concurrent under normal operation > > * state and ip fragment tables are now per-cpu. > > * packet paths acquire pf_token shared instead of exclusive. Packet > processing runs concurrently. > > * Any dynamic rules updates will run synchronously for now. > > * State expiration from the pfpurge thread runs synchronously for now. > More work can be done here. > > * ioctl (and also pfsync) paths acquire pf_token exclusively. That is, > primarily pfctl commands. This includes rules updates and state scans. > More work can be done here. > > Summary of changes: > sys/net/pf/Makefile | 2 + > sys/net/pf/if_pfsync.c | 85 +++++++--- > sys/net/pf/if_pfsync.h | 2 + > sys/net/pf/pf.c | 260 ++++++++++++++++++++---------- > sys/net/pf/pf_ioctl.c | 427 > +++++++++++++++++++++++++++++++------------------ > sys/net/pf/pf_norm.c | 118 ++++++++------ > sys/net/pf/pfvar.h | 17 +- > 7 files changed, 588 insertions(+), 323 deletions(-) > http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/3a0038bfb239dd522057809c52d7d23dd2134c38 You are appear to be novice PF user and little bit naive about it. Fortunately people in control of PF like Henning Brauer are not. For starters DragonFly uses 4 years old version of PF equivalent to OpenBSD 4.8. PF is not very portable and you can follow my and Matt's discussion on DragonFly users to see how painful for an OpenBSD user like me is to use PF on DragonFly (I use Dragon Fly on one of my production servers). http://lists.dragonflybsd.org/pipermail/users/2014-June/128664.html What that public exchange doesn't reveal is how many things in PF in particular in PF IPv6 support IIRC got broken so that Matt got above to work. FreeBSD has done something similar earlier and they have their own PF changes also applied against an ancient version of PF. I have immense respect for Matt as a user of his code since Amiga C compiler. I probably speak for lots of people both in OpenBSD and DragonFly camp if I say that I would prefer him to finish HAMMER2 and leave concurrent threading in PF to Henning. Predrag
