Date: Sat, 22 Jan 2005 16:25:46 +0100 From: Jeremie Le Hen <jeremie@le-hen.org> To: Boris Kovalenko <boris@ntmk.ru> Cc: freebsd-net@freebsd.org Subject: Re: [PATCH] 802.1p priority (fixed) Message-ID: <20050122152546.GG36660@obiwan.tataz.chchile.org> In-Reply-To: <41F1E99A.5070001@ntmk.ru> References: <41F1E99A.5070001@ntmk.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
> 2. Mark 802.1p at PF/IPFW level. But we shold foresee a keyword to trust > application level information or override it. For example > ipfw add 802.1p trust 6 on any to any ssh <-- this trust application > level information and set 802.1p to 6 if it is omitted > ipfw add 802.1p override 6 on any to any ssh <-- this silently set > 802.1p == 6, regardless of application I'm not a 802.1q guru, but I think it would be relevant to be able to match against the 802.1p, at least when firewalling on layer 2 (bridging). Furthermore I would like to point out that we are going to introduce an extremely new feature into ipfw which will allow us to *modify* a packet. AFAIK, this is not possible for the moment, except when diverting to a socket. What I mean is that if I can set the 802.1p header then why wouldn't I be able to set the TOS value ? I think we should carefully choose a flexible way to extend ipfw syntax if we choose to go this way. Having the possibility to test and set the 802.1p or TOS values separately would avoid making a "trust"/"override" subtlety and will obviously make it more flexible. > 3. Mark 802.1p at vlan drivers like 2 > ifconfig vlan0 > vlan: 100 802.1p: 6 CFI: 0 mode: trust vlandev: bge0 > Here we are trusting received from low level information and set 6 if it > is omitted > ifconfig vlan0 > vlan: 100 802.1p: 6 CFI: 0 mode: override vlandev: bge0 > Here we silently set 6. I would really like this feature. Thanks for you work ! Best regards, -- Jeremie Le Hen jeremie@le-hen.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050122152546.GG36660>