On 17 Apr 2004, Julian Elischer wrote: > On Sat, 17 Apr 2004, Andrew Thompson wrote: > > I have ported over the bridging code from NetBSD and am looking for feedback. > > My main question is, 'do people want this in the tree?' > > > > The benefits over the current bridge are: > > * ability to manage the bridge table > > * spanning tree support > > * the snazzy brconfig utility > > * clonable pseudo-interface (is that a benefit?) > > Do we need THREE bridging systems? > If you need features you culd probably add them pretty easily to one or > the other of the existing bridging modules.. I was going to refrain from responding, but now I feel it necessary. If for no other reason, with the addition of pf (another fantastic OpenBSD contribution) to the base FreeBSD system, it actually seemed to make a lot of sense to import some of their other network code. All you'd need now is ALTQ and you're in business! :) Seriously though. IPFW and IPF are both options. Now PF is also an option. Someone else pointed out that ng_bridge was not too happy acting as a bridged firewall and last time I tried using the base bridge options, both IPFW and IPF had serious limitations. If the integration between PF and this OpenBSD bridge code stays the same as it is in OpenBSD natively, it could only be a good thing for FreeBSD to finally be able to act as a full fledged, bridged firewall. I had gone with OpenBSD for a Snort project acting as an invisible bridged firewall over FreeBSD for this very reason. And as I mentioned earlier, if you throw in ALTQ, you could add some pretty intelligent, transparent shapers/firewalls/sniffers to your network. Plus you'd ideally get the SMPng boost in FreeBSD that isn't presnet in OpenBSD [yet, since SMP is being worked on finally in OpenBSD]. Just my two cents worth. I think the more options the better, especially if all the features come along with it. -- Mark Nipper e-contacts: Computing and Information Services nipsy_at_tamu.edu Texas A&M University http://ops.tamu.edu/nipsy/ College Station, TX 77843-3142 AIM/Yahoo: texasnipsy ICQ: 66971617 (979)575-3193 MSN: nipsy_at_tamu.edu -----BEGIN GEEK CODE BLOCK----- GG/IT d- s++:+ a- C++$ UBL+++$ P--->+++ L+++$ E--- W++ N+ o K++ w(---) O++ M V(--) PS+++(+) PE(--) Y+ PGP++(+) t 5 X R tv b+++ DI+(++) D+ G e h r++ y+(**) ------END GEEK CODE BLOCK------ ---begin random quote of the moment--- The ships hung in the sky in much the same way that bricks don't. -- Douglas Adams ----end random quote of the moment----Received on Fri Apr 16 2004 - 22:30:37 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:51 UTC