This change makes pf(4) use new routing API instead of old rtalloc/route/rte-based one.
This API eliminates scaling problems caused by rte locking. It also is more user-friendly since it delivers ready-to-use result w/o requiring to know any current routing internals.

TCP mss checks and pf_route were fully converted. pf_routable exists in 2 flavors now: stock one (converted) and radix_mpath version (left intact). Generally speaking, new API was designed to transparently handle most of multipath cases. However, new multipath implementation (which is nexthop-based, instead of rte-based) requires heavy rte modifications which, in turn, requires all (or most of) explicit 'struct rtentry' users to be converted to new API first. So, the plan is to perform full convertion (>50% already done), commit new multipath and nuke all code under RADIX_MPATH from kernel. My expectations are that this will happen in the following month or two.

According to dtrace checks, w/ simple rulesets like
'pass in quick fastroute' or
'pass in synproxy state | pass out synproxy state',
new api returns correct results.