Hi Julian,
> We already chaned the mbuf from 128 to 256 bytes a while ago, so having
> more in the
> header is not necessarily a bad thing.. it generally wasn't a problem
> when it was only
> capable of holding 100 or so bytes of data. Even with an expanded header
> we are still
> talking of ho
> >Having the possibility to tag a packet would be worth indeed. But I
> >think that Milan wants to bring network stack virtualization in
> >newer release of FreeBSD IIUC. This would be, IMO, a great improvement
> >of FreeBSD networking, although I'm pretty sure this would make Netgraph
> >people
Chuck Swiger wrote:
Jeremie Le Hen wrote:
[ ... ]
PS: I'm seeing more and more requests about routing limitations in
FreeBSD everyday, such as lack of multiple routing tables support, lack
of source routing (as well as higher level protocol based routing).
Are there actually some projects th
Max Laier wrote:
On Tuesday 28 June 2005 14:15, Milan Obuch wrote:
The problem here is that this has to be a static thing (otherwise you need an
additional malloc and your possible performance gain is lost). If you change
MSIZE or sizeof(struct pkthdr) on a kernel option, you will have
Bill Vermillion wrote:
...
You didn't indicate the model of Cicso's but I've used both
NAT and PAT in Cisco routers.
I'm wondering if you did the NATing in the routers if this wouldn't
help?
we don't control one of the ciscos..
so we have to do the NATing.
Bill
_
Jeremie Le Hen wrote:
Wouldn't a more general approach be better. e.g. a way to "tag" a packet
before it is sent to divert and a matching tag-lookup that can do further
action. This would make it very easy to do all kinds of stuff that needs to
know the original address instead of the tran
> Hi Julian,
>
> > The challenge:
> >
> > figure out a way so that all teh users on the network behind fxp0
> > hcan use the internet using the T1 attached to the cisco off fxp1
> > while all the advertised services (about 8 of them, few enough to
> > list by hand in rules etc.) which are also be
Jeremie Le Hen wrote:
[ ... ]
PS: I'm seeing more and more requests about routing limitations in
FreeBSD everyday, such as lack of multiple routing tables support, lack
of source routing (as well as higher level protocol based routing).
Are there actually some projects that are being worked on to
I got FreeBSD to load balance two ISPs in version 4 a while ago, using
ipfw FWD rule, it had the same challenges that you are facing so try
this out, the routing is done on probability to cause load balance,
but you could do it on source ip
http://lists.freebsd.org/pipermail/freebsd-ipfw/2003-Aug
On Tuesday 28 June 2005 14:15, Milan Obuch wrote:
> On Tuesday 28 June 2005 14:09, Max Laier wrote:
> ...
>
> > > > > > pf does something along these lines in case you are looking for
> > > > > > references.
> > > > >
> > > > > Would it be possible to share this tag among pf and ipfw ?
> > > >
> >
Putting quill to paper and scribbling furiously on Mon, Jun 27,
2005 at 22:08 , Julian Elischer missed achieving immortality when
he said:
> So for reasons that i won't go into, I fin dmyself renumberring an entire
> company.
> howeve I have a particular problem I can't figure out how to fix.
>
On Tuesday 28 June 2005 14:09, Max Laier wrote:
...
> > > > > pf does something along these lines in case you are looking for
> > > > > references.
> > > >
> > > > Would it be possible to share this tag among pf and ipfw ?
> > >
> > > Sure, it's a simple mbuf tag with a (at this point) 16bit cookie
On Tuesday 28 June 2005 13:10, Milan Obuch wrote:
> On Tuesday 28 June 2005 12:37, Max Laier wrote:
> > On Tuesday 28 June 2005 12:27, Jeremie Le Hen wrote:
> > > > Wouldn't a more general approach be better. e.g. a way to "tag" a
> > > > packet before it is sent to divert and a matching tag-looku
On Tuesday 28 June 2005 12:37, Max Laier wrote:
> On Tuesday 28 June 2005 12:27, Jeremie Le Hen wrote:
> > > Wouldn't a more general approach be better. e.g. a way to "tag" a
> > > packet before it is sent to divert and a matching tag-lookup that can
> > > do further action. This would make it ve
On Tuesday 28 June 2005 12:27, Jeremie Le Hen wrote:
> > Wouldn't a more general approach be better. e.g. a way to "tag" a packet
> > before it is sent to divert and a matching tag-lookup that can do further
> > action. This would make it very easy to do all kinds of stuff that needs
> > to know
On Tuesday 28 June 2005 12:27, Jeremie Le Hen wrote:
> > Wouldn't a more general approach be better. e.g. a way to "tag" a packet
> > before it is sent to divert and a matching tag-lookup that can do further
> > action. This would make it very easy to do all kinds of stuff that needs
> > to know
> Wouldn't a more general approach be better. e.g. a way to "tag" a packet
> before it is sent to divert and a matching tag-lookup that can do further
> action. This would make it very easy to do all kinds of stuff that needs to
> know the original address instead of the translated one while a
On Tuesday 28 June 2005 11:39, Milan Obuch wrote:
> On Tuesday 28 June 2005 09:46, Jeremie Le Hen wrote:
> > Hi Julian,
> >
> > > The challenge:
> > >
> > > figure out a way so that all teh users on the network behind fxp0
> > > hcan use the internet using the T1 attached to the cisco off fxp1
> >
On Tuesday 28 June 2005 09:46, Jeremie Le Hen wrote:
> Hi Julian,
>
> > The challenge:
> >
> > figure out a way so that all teh users on the network behind fxp0
> > hcan use the internet using the T1 attached to the cisco off fxp1
> > while all the advertised services (about 8 of them, few enough t
Hi Julian,
> The challenge:
>
> figure out a way so that all teh users on the network behind fxp0
> hcan use the internet using the T1 attached to the cisco off fxp1
> while all the advertised services (about 8 of them, few enough to
> list by hand in rules etc.) which are also behind fxp0 but ac
So for reasons that i won't go into, I fin dmyself renumberring an entire
company.
howeve I have a particular problem I can't figure out how to fix.
I have a gateway/firewall machine running 4.x
it has 3 interfaces
fxp0 goes to the internal trusted network
fxp1 goes to the internet via a T1 v
21 matches
Mail list logo
