From owner-freebsd-net Mon Jan 1 22:19:34 2001
From owner-freebsd-net@FreeBSD.ORG Mon Jan 1 22:19:31 2001
Return-Path:
Delivered-To: freebsd-net@freebsd.org
Received: from homer.softweyr.com (bsdconspiracy.net [208.187.122.220])
    by hub.freebsd.org (Postfix) with ESMTP id 996BC37B402
    for ; Mon, 1 Jan 2001 22:19:28 -0800 (PST)
Received: from [127.0.0.1] (helo=softweyr.com ident=Fools trust ident!)
    by homer.softweyr.com with esmtp (Exim 3.16 #1)
    id 14DKsD-0000PG-00; Mon, 01 Jan 2001 23:24:41 -0700
Sender: wes@FreeBSD.ORG
Message-ID: <3A517429.91B2F251@softweyr.com>
Date: Mon, 01 Jan 2001 23:24:41 -0700
From: Wes Peters
Organization: Softweyr LLC
X-Mailer: Mozilla 4.75 [en] (X11; U; Linux 2.2.12 i386)
X-Accept-Language: en
MIME-Version: 1.0
To: "C. Stephen Gunn"
Cc: Julian Elischer , "freebsd-net@FreeBSD.ORG"
Subject: Re: Problems with VLAN and natd.
References: <200101020501.AAA58976@tsunami.waterspout.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

"C. Stephen Gunn" wrote:
>
> On Sun, 31 Dec 2000 19:54:19 PST, Julian Elischer wrote:
>
> > > The current VLAN (and Ethernet) implementation in FreeBSD needs work.
> > > FreeBSD should handle multiple ethernet encapsulations on
> > > the same physical interface, and relay packets to/from some subordinate
> > > interface. This support would factor-out the need for current
> > > work-arounds like if_vlan, and if_ef, and perhaps even if_tap.
> >
> > sounds like a perfect use for netgraph..
>
> I've thought about this, and a migration to netgraph would
> require significant changes to how FreeBSD handles Ethernet (and
> other IEEE 802) interfaces.
>
> For example, you would no longer simply ``ifconfig xl'', but
> associate a netgraph link-layer node on top of the xl interface,
> and a netgraph interface node on top of the link-layer node, which
> would function (mostly) like xl does now.
>
> Netgraph is an excellent technology. While your comment makes
> sense, there are several issues that will need to be addressed.
> For instance, the current ARP implementation in FreeBSD is
> entangled with the generic ethernet code.

Under netgraph, it would be just another protocol in a netgraph node,
and could be added to (and removed from) the interface as needed. That
would be interesting from the standpoint of a secure system over which
you wanted to control the ARP entries. Being able to simply turn off
dynamic ARP has been discussed often, but never really acted upon.

Doing link-layer encapsulation modules is really not very difficult.
I've written pretty much the full complement, covering ethernet (10,
100, and 1000), FDDI/CDDI, token ring, ATM, and Frame Relay. (Chuck,
I can identify that protocol in 20 instructions.)

> I'm afraid to even contemplate the POLA and backward compatibility
> issues involved.

Why would we need to violate POLA? The obvious default would be to
extend ifconfig to configure the new protocol types, and to assume
EthII framing unless explicitly specified.

> If this discussion is non-casual, we should eventually migrate
> it over to -arch.

Perhaps so. If someone does the work to move EthII into netgraph, I
can certainly contribute a SNAP/LLC module, and maybe even extensions
to ifconfig so you can use it. ;^)

--
"Where am I, and what am I doing in this handbasket?"

Wes Peters                                        Softweyr LLC
wes@softweyr.com                          http://softweyr.com/