On 03/04/17 15:12, Julian Elischer wrote: > On 3/4/17 11:07 am, Andrey V. Elsukov wrote: >> Author: ae >> Date: Mon Apr 3 03:07:48 2017 >> New Revision: 316435 >> URL: https://svnweb.freebsd.org/changeset/base/316435 > > it was always my intention to hook netgraph modules into ipfw in this way
In my humble opinion, in an ideal world, everything warrants a rethink - in terms of "abstract forwarding elements". This is how a lot of the newer integrated routing/switching hardware seems to behave; designs like the FM6000, Juniper's Trio, and so on. For now, we've got several bodies of firewall code available in the FreeBSD base system. The MSS tweak is much appreciated; it makes DSL and Cable access more usable for many. But I appreciate the sentiment of taking what is - on the face of it - a simple network protocol transformation at a FreeBSD hop, as something which really, we'd ideally have a common way of expressing. I struggle to keep track of all of this development, personally. It would be great if we could take the best from all of them, incorporate scalability for LRO and so on, and hybrid forwarding chips, or other offload stack approach, in the same code base somehow. It's worth a trip down to the 1.4Tbit/s Alien Superchannel to see what I'm getting at. Multi-100GBE into 1U is a reality now. _______________________________________________ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"