Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 8 Aug 2005 18:11:44 +0200
From:      Milan Obuch <net@dino.sk>
To:        freebsd-net@freebsd.org
Subject:   Re: running out of mbufs?
Message-ID:  <200508081811.45126.net@dino.sk>
In-Reply-To: <200508081757.47499.zec@icir.org>
References:  <1123040973.95445.TMDA@seddon.ca> <42F734D0.6F7387E0@freebsd.org> <200508081757.47499.zec@icir.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On Monday 08 August 2005 17:57, Marko Zec wrote:
> On Monday 08 August 2005 12:32, Andre Oppermann wrote:
> > Dave+Seddon wrote:
> > > BTW, I'd be interested to know people's thoughts on multiple IP
> > > stacks on FreeBSD.  It would be really cool to be able to give a
> > > jail it's own IP stack bound to a VLAN interface.  It could then be
> > > like a VRF on Cisco.
> >
> > There is a patch doing that for FreeBSD 4.x.  However while
> > interesting it is not the way to go.  You don't want to have multiple
> > parallel stacks but just multiple routing tables and interface groups
> > one per jail. This gives you the same functionality as Cisco VRF but
> > is far less intrusive to the kernel.
>
> Andre,
>
> the stack virtualization framework for 4.x is based precisely on
> introducing multiple routing tables and interface groups.  In order to
> cleanly implement support for multiple independent interface groups,
> one has to touch both the link and network layers, not forgetting the
> ARP stuff... and in no time you have ended up with a huge and intrusive
> diff against the original network stack code.
>
> So I see no point in pretending we could get such a functionality for
> free, i.e. with only a negligible intrusiveness to the kernel code.  A
> more appropriate question would be whether the potential benefits of
> having multiple stack state instances could outweight the trouble and
> damage associated with the scope of required modifications to the
> kernel code tree.  Only if we could get an affirmative answer to that
> question it would make sense to start thinking / debating on the most
> appropriate methodology to (re)implement the multiple stacks framework.
>
> Cheers,
>
> Marko

I did use Marko's patch for some time with great success. I feel it would be 
really great to be able to use something similar in new releases.
It is really like cisco's vrf. I used it for multi-VPN monitoring/management. 
There is nothing comparable currently - user mode linux is too resource 
consuming, other methods are not so easy to use...
If anyone knows the way to put virtual stacks into newer FreeBSD, I am eager 
to test it. For my current task (multi-VPN monitoring/management, again) I 
will use this, again.
Regards,
Milan



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200508081811.45126.net>