From owner-freebsd-ipfw@FreeBSD.ORG Wed Oct 7 20:14:35 2009 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5E9461065676 for ; Wed, 7 Oct 2009 20:14:35 +0000 (UTC) (envelope-from apauljoe@gmail.com) Received: from mail-qy0-f181.google.com (mail-qy0-f181.google.com [209.85.221.181]) by mx1.freebsd.org (Postfix) with ESMTP id 1AF038FC14 for ; Wed, 7 Oct 2009 20:14:34 +0000 (UTC) Received: by qyk11 with SMTP id 11so4496309qyk.13 for ; Wed, 07 Oct 2009 13:14:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message-id:subject :from:to:cc:content-type; bh=Az409DgaLUhyuxCtsbo/7xzwqxhAY/EMXMi8eIa+MJU=; b=vo+ERXiTU4YL/pbb3Mr8i9kuCdgFmrew8U62ycOr0CqoJ5CFJHIQFSpLUVCxZQxvob WwXd9PVyqbv28XmuPfM3LEm3cVZGaHOKzAxDq3mwKUWsIoiRKdnfSIP1S4dN3aHfx+Bs GCqau9gkLJQFDf84qdjnCMtF5qzVBg4/Gmi5Q= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:cc:content-type; b=OZUl0auS1McdzQpjSk0BdgGpgLBChae1Yqs/k1CMt6ew2dSV5B9G0JQCdNPuKgrvhU IsT6IlTRAzXmqgAllS5mrNnLg556+I2zpq0vn8MYliwm6bvSQ7O2JKuwYAhfJs3+X/xy 7Zox7QaxvkBvZA9P9VSYDO1F/1qLW/fCRWvqg= MIME-Version: 1.0 Received: by 10.224.121.80 with SMTP id g16mr362853qar.316.1254944786118; Wed, 07 Oct 2009 12:46:26 -0700 (PDT) Date: Wed, 7 Oct 2009 12:46:24 -0700 Message-ID: <286e18280910071246r33d33476ya9dd846cd1de6062@mail.gmail.com> From: Joe R To: freebsd-ipfw@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: julian@elischer.org Subject: Extension of dummynet/ipfw to support userspace packet classification X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 Oct 2009 20:14:35 -0000 We at ironport have a requirement to do bandwidth management, but the traffic classification (and selection of bandwidth pipes) is done in userspace. The reason classification is done in userspace is because the traffic classifications are something like streaming audio traffic, video traffic, based on website categories etc. Our appliance is based on FreeBSD, and so we decided to look at dummynet to support our requirement. We could not use dummynet as such because it uses ipfw for packet classification, where packet classification (and pipe selection) is done in kernel based on tcp/ip parameters like IP and port. So we decided to extended dummynet/ipfw to support packet classification in userspace. Our idea is to extended socket structure to have a pipe number and have a setsockoption to associate the pipe number to a socket structure. Then have a new ipfw target (mappedpipe), which will pass the packet to dummynet (similar to pipe target) but with the pipe number in the socket structure if it is non-zero. I would like to know your comments on this proposal and if people are interested, I will be happy to submit a patch on this. Thanks, Joe.