Date: Tue, 01 May 2001 20:53:06 +0000 From: Gunther Schadow <gunther@aurora.regenstrief.org> To: Luigi Rizzo <luigi@info.iet.unipi.it> Cc: snap-users@kame.net, freebsd-net@FreeBSD.ORG, ipfilter@coombs.anu.edu.au, altq@csl.sony.co.jp Subject: Re: The future of ALTQ, IPsec & IPFILTER playing together ... Message-ID: <3AEF2232.19CEE240@aurora.regenstrief.org> References: <200105012011.WAA26915@info.iet.unipi.it>
next in thread | previous in thread | raw e-mail | index | archive | help
Luigi Rizzo wrote: > > Instead I will have to revert back from IPFILTER to IPFW (FreeBSD) > > so that I can use DUMMYNET instead of ALTQ. > > This leaves me with having to add a TOS-based filtering into > > IPFW. Cross my fingers and it will work :-/ > > i still fail to see why you hate so much this solution > as it seems to do what you need (actually i'd probably use the WFQ > feature of dummynet, and let the application set the TOS bits...) because the only filtering package that will ever have a chance to be consolidated with KAME's SPD rules and ALTQ's classifier will be IPFILTER; because IPFILTER is available accross all *BSDs; because IPFILTER is (arguably) more secure (though less powerful in its NAT rules.) I am really tempted to go back to IPFW, but I value future rejoining with KAME and a flexibility in choice of underlying *BSDs more than the convenience of IPFW. May be it's a mistake. If it is, the world (not just myself) should move towards IPFW on all BSDs. Luigi, if you hack IPFW into all *BSDs and if you submit the code to the CVS control of the KAME folks, may be IPFW could become the point of consolidation of the SPD and ALTQ classifier rules. I would cheer that effort! regards, -Gunther -- Gunther Schadow, M.D., Ph.D. gschadow@regenstrief.org Medical Information Scientist Regenstrief Institute for Health Care Adjunct Assistent Professor Indiana University School of Medicine tel:1(317)630-7960 http://aurora.regenstrief.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3AEF2232.19CEE240>