Re: Policy routing idea (Was: ipfw: Would it be possible to continue processing rest of rules after match ?)

• Previous message: Luigi Rizzo: "Re: Issues with a Large Fat pipe Network simulation"
• In reply to: Ari Suutari: "Policy routing idea (Was: ipfw: Would it be possible to continue processing rest of rules after match ?)"
• Next in thread: Ari Suutari: "Re: Policy routing idea (Was: ipfw: Would it be possible to continue processing rest of rules after match ?)"
• Reply: Ari Suutari: "Re: Policy routing idea (Was: ipfw: Would it be possible to continue processing rest of rules after match ?)"
• Reply: Jeremie Le Hen: "Re: Policy routing idea (Was: ipfw: Would it be possible to continue processing rest of rules after match ?)"
• Reply: Andre Oppermann: "Re: Policy routing idea (Was: ipfw: Would it be possible tocontinue processing rest of rules after match ?)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Tue, 21 Jun 2005 17:06:49 -0700
To: Ari Suutari <ari@suutari.iki.fi>

On Tue, Jun 21, 2005 at 09:27:30AM +0300, Ari Suutari wrote:
> Hi,
>
> I sent this to ipfw mailing list some time ago, but
> got no response. I would like to adjust ipfw behaviour
> with fwd rules to make policy routing easier (ie. make
> it separete from filtering rules). I would just like
> some input if this makes any sense (or is possible at
> all with current design).

i suggest to implement a new action 'setnexthop' which stores the
next hop as an MTAG with the packet (so it is preserved if the
packet gets passed to dummynet).

But perhaps, rather than a specific next hop, maybe you want to
pass a reference to a different routing table instead ?

        cheers
        luigi

> >Currently the ipfw fwd rules work so that the packet
> >is accepted when fwd rule matches.
> >
> >Would it be possible just tag the packet with
> >information about next_hop and just continue processing the
> >rules ? This would make complex rulesets with policy-based
> >routing much simpler, since one could just have relevat
> >fwd statments at beginning of rule sets and then
> >filter the packets in usual way.
>
> Ari S.
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"

• Previous message: Luigi Rizzo: "Re: Issues with a Large Fat pipe Network simulation"
• In reply to: Ari Suutari: "Policy routing idea (Was: ipfw: Would it be possible to continue processing rest of rules after match ?)"
• Next in thread: Ari Suutari: "Re: Policy routing idea (Was: ipfw: Would it be possible to continue processing rest of rules after match ?)"
• Reply: Ari Suutari: "Re: Policy routing idea (Was: ipfw: Would it be possible to continue processing rest of rules after match ?)"
• Reply: Jeremie Le Hen: "Re: Policy routing idea (Was: ipfw: Would it be possible to continue processing rest of rules after match ?)"
• Reply: Andre Oppermann: "Re: Policy routing idea (Was: ipfw: Would it be possible tocontinue processing rest of rules after match ?)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages Re: How do I read/interpret a (netstat) routing table ? ... I know this routing table is used to direct TCP/IP packets to their destination. ... Assume on local computer 192.168.0.14 a TCP-IP packet is arriving with the destination ... NetMask --> Makes it easier for the Router (layer 3 device, ... (microsoft.public.windowsxp.network_web) Re: Programming Question: Policy Based Routing ... My definition of Policy-Based Routing: ... address, L4 protocol, tos, packet length. ... packet and an AVL tree to store routing information in it. ... first thing is to create a generic route mask. ... (freebsd-net) Re: Programming Question: Policy Based Routing ... > My definition of Policy-Based Routing: ... > address, L4 protocol, tos, packet length. ... > packet and an AVL tree to store routing information in it. ... > first thing is to create a generic route mask. ... (freebsd-net) multiple routing tables roadmap ... packet streams to be routed by more than just the destination address. ... multiple kernel routing tables (which I will now refer to as "Forwarding Information Bases" or "FIBs" for political correctness reasons. ... Other protocol families are left untouched and should there be users with proprietary protocol families, ... To understand how this is done, one must know that the current FIB code ... (freebsd-arch) multiple routing tables roadmap ... packet streams to be routed by more than just the destination address. ... multiple kernel routing tables (which I will now refer to as "Forwarding Information Bases" or "FIBs" for political correctness reasons. ... Other protocol families are left untouched and should there be users with proprietary protocol families, ... To understand how this is done, one must know that the current FIB code ... (freebsd-net)