From owner-freebsd-net@FreeBSD.ORG Thu Mar 21 13:08:15 2013 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 559FFC20; Thu, 21 Mar 2013 13:08:15 +0000 (UTC) (envelope-from mikemacleod@gmail.com) Received: from mail-ie0-x235.google.com (mail-ie0-x235.google.com [IPv6:2607:f8b0:4001:c03::235]) by mx1.freebsd.org (Postfix) with ESMTP id 1E09273C; Thu, 21 Mar 2013 13:08:15 +0000 (UTC) Received: by mail-ie0-f181.google.com with SMTP id 17so3460125iea.12 for ; Thu, 21 Mar 2013 06:08:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=x-received:mime-version:in-reply-to:references:from:date:message-id :subject:to:cc:content-type:content-transfer-encoding; bh=cpT2n620NPhcrz2FOQIY0KopkJ4qmITZT4dx/hHIDQY=; b=Dg07TDP8wAtaG0X5QURBw4twLHFknjuwMrdAizToes38VU63ux7pf8FdlnpYWX6Y9k z1dVmX5YTEH6RalkxRzJPmlkIKHTfma13WJ+XVaZvAqQh+2iLsXEjK+yneeUB0WHQxSR Qal3Cdm5rMWOrUVcB8qwJbiwdTaWA1AD6/GE56w0WbQxK/3mCyQdkJxWtvg3OsxvuXL+ JjKtGOV+JUZdpQER/X6lT3U1oQxpuk4o14Ua1idZ5zU26THiE+m/MeoLGYG3NkrfRkVp Y922RQKI8+Ed+yce9ERWzIgla2menaMnJUs89Cxx5mlhQivVUE1XbkuBAJUzkG1S8AKw 5oSw== X-Received: by 10.50.181.134 with SMTP id dw6mr2030366igc.68.1363871294843; Thu, 21 Mar 2013 06:08:14 -0700 (PDT) MIME-Version: 1.0 Received: by 10.64.106.161 with HTTP; Thu, 21 Mar 2013 06:07:54 -0700 (PDT) In-Reply-To: References: <20130321005959.98706.qmail@f5-external.bushwire.net> From: Michael MacLeod Date: Thu, 21 Mar 2013 09:07:54 -0400 Message-ID: Subject: Re: Best way for an app to accept traffic on 30,000+ interfaces? To: =?ISO-8859-1?Q?Ermal_Lu=E7i?= Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: freebsd-net X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Mar 2013 13:08:15 -0000 Ermal is probably on the right track. Working in a load balanced environment I've personally done three contiguous /20 blocks using three loopback interfaces on linux hosts. I'd imagine that FreeBSD should behave similarly. The only fancy thing the load balancer did was as packets destined for one of the VIPs, it would forward the packet to one of the linux hosts at layer 2, but wouldn't touch the layer 3 headers at all, preserving that information. The host would see the VIP address, and respond from it, because it existed on the loopback interface. It worked well - you'll have to recreate similar behaviour in your network. We did entire groups of contiguous /64 blocks in IPv6 in the same way. On Thu, Mar 21, 2013 at 4:25 AM, Ermal Lu=E7i wrote: > On Thu, Mar 21, 2013 at 1:59 AM, Mark D w= rote: > >> (Hopefully this isn't too out-of-scope for this list..) >> >> I have an application in mind that I'd like to have accept/respond to >> UDP queries sent to perhaps 30K contiguous IP addresses (most likely >> IPV6 addresses because such ranges are easy to come by, but >> conceptually ipv4 as well). >> >> This would all be on a small number of FBSD instances. >> >> Though it could be done, I don't really want to create 30K interfaces >> and have the application bind 30K sockets as it's not clear if that >> will scale if I try an address range that expands to, say, 1M IPs >> wide. >> >> This address range would be internet-facing and responding to random >> remote clients. >> >> My first thought is to use SOCK_RAW in much the same way that natd >> does - at least to receive the traffic. >> >> Is that a sensible and viable approach or is there a better/easier >> way? >> >> >> Mark. >> _______________________________________________ >> freebsd-net@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-net >> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >> > > > How about firing up one of the firewall/pfil(9) consumers like (ipfw/pf) > and adding rules to redirect traffic to a socket bound on loopback? > > -- > Ermal > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"