From owner-freebsd-questions@FreeBSD.ORG Thu Mar 3 18:47:44 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8C1D516A4CE for ; Thu, 3 Mar 2005 18:47:44 +0000 (GMT) Received: from rosebud.otenet.gr (rosebud.otenet.gr [195.170.0.26]) by mx1.FreeBSD.org (Postfix) with ESMTP id EDCA143D5D for ; Thu, 3 Mar 2005 18:47:42 +0000 (GMT) (envelope-from keramida@ceid.upatras.gr) Received: from orion.daedalusnetworks.priv (aris.bedc.ondsl.gr [62.103.39.226])j23IlPG2021386; Thu, 3 Mar 2005 20:47:25 +0200 Received: from orion.daedalusnetworks.priv (orion [127.0.0.1]) j23IlcQ6066748; Thu, 3 Mar 2005 20:47:38 +0200 (EET) (envelope-from keramida@ceid.upatras.gr) Received: (from keramida@localhost)j23Ilct3066747; Thu, 3 Mar 2005 20:47:38 +0200 (EET) (envelope-from keramida@ceid.upatras.gr) Date: Thu, 3 Mar 2005 20:47:38 +0200 From: Giorgos Keramidas To: "J.D. Bronson" Message-ID: <20050303184737.GA53253@orion.daedalusnetworks.priv> References: <6.2.0.14.2.20050303061448.00a34520@localhost> <9e46c99e05030307153a916d11@mail.gmail.com> <20050303171413.GB38641@orion.daedalusnetworks.priv> <422753BD.1020508@cis.strath.ac.uk> <6.2.0.14.2.20050303122709.00b4fe10@localhost> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <6.2.0.14.2.20050303122709.00b4fe10@localhost> cc: freebsd-questions@freebsd.org cc: Tomas Quintero cc: Chris Hodgins Subject: Re: [repost] ip.forwarding with pf X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Mar 2005 18:47:44 -0000 On 2005-03-03 12:28, "J.D. Bronson" wrote: >At 12:13 PM 03/03/2005, Chris Hodgins wrote: >>Hmm I found this: >>http://mailman.twdx.net/pipermail/occaid/2003-October/000250.html >> >>Google for "freebsd net.inet.ip.fastforwarding". > > Hey guys...all of this seems really cool....but is it appropriate for one > to use 'fast forwarding' when using pf/nat ? > > It -seems- to me that if one wants to use pf and/or nat that 'fast > forwarding is not applicable nor desired. > > OTOH, if it IS desirable, I certainly want to use it. Yes and no. When fast forwarding is enabled, the network packets are processed synchronously, as they arrive, at the link layer (i.e. Ethernet driver). This lets the ethernet driver process the packets as close as possible to the original interrupt that pulls them off the driver's input queue, which is arguably faster than waiting for an asynchronous netisr (network interrupt service) routine to grab them later. This is faster for some operations, but it also breaks others. For instance, I think IPSEC doesn't work with fast forwarding. IP option processing is not done in the fast forwarding code. Multicast or broadcast don't work either. So, there are tradeoffs for the increased speed in packet processing. But they are not related to PF or NAT. At least, not directly.