Re: Future of pf / firewall in FreeBSD ? - does it have one ?

From: Peter Wemm <peter_at_wemm.org>
Date: Sat, 19 Jul 2014 19:59:23 -0700
On Saturday 19 July 2014 13:06:52 Baptiste Daroussin wrote:
> On Fri, Jul 18, 2014 at 03:22:18PM -0400, Allan Jude wrote:
> > On 2014-07-18 15:07, Adrian Chadd wrote:
> > > On 18 July 2014 07:34, krad <kraduk_at_gmail.com> wrote:
> > >> That is true and I have no problem using man pages, however that's not
> > >> the way most of the world works and search engines aren't exactly new
> > >> either. We should be trying to engage more people, not fewer, and part
> > >> of that is reaching out.
> > > 
> > > Then do the port and maintain it.
> > > 
> > > The problem isn't the desire to keep things up to date, it's a lack of
> > > people who want that _and_ are willing/able to do it _and_ are funded
> > > somehow.
> > > 
> > > So, please step up! We'll all love you for it.
> > > 
> > > 
> > > 
> > > -a
> > 
> > At vBSDCon Bapt_at_ volunteered to port the newer pf back to FreeBSD, after
> > spending some hours driving with Henning.
> 
> I tried and broke pf for a month and my changes have been reverted. This is
> not as simple as it looks: our code has diverged a lot in some parts, and
> we do support things that OpenBSD does not (vimage). Syncing features requires
> us to be very careful. My priorities went elsewhere since that time, so now
> I will probably only focus on bringing in features I care about, and not the
> entirely new pf.
> 
> So no, do not count me as a volunteer to maintain pf. I'll probably do some
> work, but not a full sync.

If anyone is looking for a really useful chunk to work on, please go back over 
the pf history in openbsd and find where they added ipv6 fragment support.  It 
was fairly well contained and didn't appear to be a big deal to port.  They 
did do something with mbuf tags that I'm suspicious of though.

IPv6 fragments are the biggest pain point we have on the freebsd.org cluster - 
yes, we use pf and IPv6 extensively, but dns with ipv6 involved is really 
painful without fragment support.

We sort-of work around it by using a dedicated IPv6 address that has nothing but 
the dns resolver clients and allow ipv6 fragments to it.  It's not ideal but 
it gets over the worst problems.

The other thing we had to do for usability is stop state tracking for udp dns 
- the sheer update rate was causing collisions and state drops / resets of 
other connections to the point of being really hard to use.

Those two tweaks - stopping heavy dns use from thrashing the state tables, and 
having a safe place to send fragments - make it quite usable for freebsd.org.

But, lack of ipv6 fragment processing still causes ongoing pain.  That's our 
#1 wish list item for the cluster.

-- 
Peter Wemm - peter_at_wemm.org; peter_at_FreeBSD.org; peter_at_yahoo-inc.com; KI6FJV
UTF-8: for when a ' or ... just won’t do…
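The two tweaks Peter describes, written out as pf.conf(5) rules (a constructed illustration added here, not configuration from the thread or the freebsd.org cluster). It assumes the interface name and the dedicated address are placeholders, that the dedicated address is used only by the resolver's outgoing-query side, and that `ipv6-frag` resolves through /etc/protocols.

```pf
# Constructed example: placeholders, not the freebsd.org cluster's real values.
ext_if      = "em0"
resolver_v6 = "2001:db8::53"   # address used by nothing but the DNS resolver clients

# Tweak 1: no state tracking for UDP DNS, so the query churn never enters the
# state table. Without state, each direction needs its own explicit rule.
pass out quick on $ext_if inet6 proto udp from $resolver_v6 to any port 53 no state
pass in  quick on $ext_if inet6 proto udp from any port 53 to $resolver_v6 no state

# Tweak 2: a safe place for IPv6 fragments. Non-first fragments carry no UDP
# header, so without reassembly pf can only match them on address and
# next-header. Limiting them to an address that runs nothing else keeps this
# rule from exposing any other service.
pass in quick on $ext_if inet6 proto ipv6-frag from any to $resolver_v6 no state

# Fragments to every other address still hit the default policy.
block in on $ext_if inet6 proto ipv6-frag
```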
Received on Sun Jul 20 2014 - 00:59:28 UTC
