Date: Tue, 06 Feb 2007 18:52:40 -0800 From: Justin Robertson <justin@sk1llz.net> To: Julian Elischer <julian@elischer.org>, freebsd-net@freebsd.org Subject: Re: 6.x, 4.x ipfw/dummynet pf/altq - network performance issues Message-ID: <45C93EF8.4040204@sk1llz.net> In-Reply-To: <45C93872.8050100@elischer.org> References: <45C8E2A2.9040204@sk1llz.net> <45C8EC53.8020803@elischer.org> <45C91CDF.7000509@sk1llz.net> <45C93872.8050100@elischer.org>
next in thread | previous in thread | raw e-mail | index | archive | help
So in a sense I should be able to do away with the transparent bridge. However, 6.x in any mode (bridge or not) was still incapable of pushing the traffic that 4.x could. This would certainly help remove one machine from the mix, but still requires running 4.x to get any real performance. :-\ Julian Elischer wrote: > Justin Robertson wrote: >> Err, forgot to reply to -net, at anyrate, layer 2 isn't useful as it >> doesn't undertand ip addresses, ports, protocols, etc. > > filtereing at the NIC (sysctl net.link.ether.ipfw=1 or something > similar) lets you do layer 3 filtereing at the NIC layer.. > >> >> Julian Elischer wrote: >>> Justin Robertson wrote: >>>> >>> >>> >>> >>>> Splitting the task into a transparent filtering bridge with a >>>> separate routing box appears to clear it up entirely. >>> >>> how does that differ from using mac level ipfw? >>> >>> i.e. turning on filtering at the NIC (layer 2). >>> >>> (have you tried doing that?) >>> >> >> _______________________________________________ >> freebsd-net@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-net >> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?45C93EF8.4040204>