>>Stupid question, but why do we need different types - netgroups and ipgroup? >> >>We can easily represent a single IP as network: 192.168.0.1/32 or is there a problem with that? t I think it's just speed or hash memory optimisation
I found a good presentation here : http://workshop.netfilter.org/2013/wiki/images/a/ab/Jozsef_Kadlecsik_ipset-osd-public.pdf But I think you can indeed use net:hash for /32 doc say: Speed linearly grows with the numberof different sizes of the netblocks, so maybe they are a first hash of netmask, then second hash on ip. ----- Mail original ----- De: "Dietmar Maurer" <[email protected]> À: "Alexandre Derumier" <[email protected]>, [email protected] Envoyé: Vendredi 28 Mars 2014 09:39:26 Objet: RE: [pve-devel] [PATCH] implement ipset ip/net groups > groups.fw > --------- > [ipgroup ipgroup1] > > 192.168.0.1 > 192.168.0.2 > 192.168.0.3 > > [ipgroup ipgroup2] > > 192.168.0.3 > 192.168.0.4 > > [netgroup netgroup1] > > 192.168.0.0/24 > 10.0.0.0/8 Stupid question, but why do we need different types - netgroups and ipgroup? We can easily represent a single IP as network: 192.168.0.1/32 or is there a problem with that? _______________________________________________ pve-devel mailing list [email protected] http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
