Page MenuHomeFreeBSD
Differential D4763

Convert pf(4) to use new routing API.
ClosedPublic
Actions

Authored by melifaro on Jan 3 2016, 1:33 PM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Feb 7, 2:56 PM
Unknown Object (File)
Fri, Feb 7, 2:53 PM
Unknown Object (File)
Jan 18 2025, 12:45 AM
Unknown Object (File)
Dec 23 2024, 6:43 AM
Unknown Object (File)
Dec 14 2024, 2:59 AM
Unknown Object (File)
Dec 4 2024, 3:49 PM
Unknown Object (File)
Nov 20 2024, 3:10 AM
Unknown Object (File)
Oct 2 2024, 5:55 AM
View All 97 Files
Subscribers
imp

Details

Reviewers
kp
glebius
Group Reviewers
network
Commits
rS293311: Convert pf(4) to the new routing API.
Summary

This change makes pf(4) use new routing API instead of old rtalloc/route/rte-based one.
This API eliminates scaling problems caused by rte locking. It also is more user-friendly since it delivers ready-to-use result w/o requiring to know any current routing internals.

TCP mss checks and pf_route were fully converted. pf_routable exists in 2 flavors now: stock one (converted) and radix_mpath version (left intact). Generally speaking, new API was designed to transparently handle most of multipath cases. However, new multipath implementation (which is nexthop-based, instead of rte-based) requires heavy rte modifications which, in turn, requires all (or most of) explicit 'struct rtentry' users to be converted to new API first. So, the plan is to perform full convertion (>50% already done), commit new multipath and nuke all code under RADIX_MPATH from kernel. My expectations are that this will happen in the following month or two.

Test Plan

According to dtrace checks, w/ simple rulesets like
'pass in quick fastroute' or
'pass in synproxy state | pass out synproxy state',
new api returns correct results.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

melifaro updated this revision to Diff 11873.Jan 3 2016, 1:33 PM
melifaro retitled this revision from to Convert pf(4) to use new routing API..
melifaro updated this object.
melifaro edited the test plan for this revision. (Show Details)
Herald added a subscriber: imp. · View Herald TranscriptJan 3 2016, 1:33 PM
melifaro updated this object.Jan 3 2016, 1:35 PM
melifaro added reviewers: kp, glebius, network.Jan 3 2016, 1:37 PM
kp accepted this revision.Jan 3 2016, 5:18 PM
kp edited edge metadata.
This revision is now accepted and ready to land.Jan 3 2016, 5:18 PM
melifaro updated this revision to Diff 11988.Jan 7 2016, 10:09 AM
melifaro edited edge metadata.

Do pre-commit sync: fix NOINET case.

This revision now requires review to proceed.Jan 7 2016, 10:09 AM
Closed by commit rS293311: Convert pf(4) to the new routing API. (authored by melifaro). · Explain WhyJan 7 2016, 10:20 AM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
head/
sys/
netpfil/
pf/
131 lines

Diff 11989

View Options

head/sys/netpfil/pf/pf.c

Loading...