Will tryforward() make it into 2.3?
-
I couldn't find any place where it says for certain whether the new tryforward() code will make to 2.3. I know that the netmap-forward code stuff is more of a 3.x kind of feature. Thanks.
Carlos
-
It's already in (as evidenced by the fastforward tunable being gone from sysctl)
-
(why would we implement tryforward() and not put it in pfsense?)
-
Sorry folks. I didn't check for the tunable to be honest. I assumed that just because it was mentioned on the blog didn't necessarily mean that it would be implemented, especially since it wasn't mentioned anywhere outside the blog. Things happen in development and since the focus of 2.3 seems to be the UI, you folks might have decided to postpone it until the UI issues were under control. Also didn't realize that you guys were the ones that developed tryforward(). That's awesome.
Carlos
-
Things happen in development and since the focus of 2.3 seems to be the UI, you folks might have decided to postpone it until the UI issues were under control.
Misperception on your part (and many others).
These are the big items for 2.3:
-
The GUI conversion to use Bootstrap (and general cleanup, because diffs like this (https://github.com/pfsense/pfsense/commit/1af5edbf04e0e3bbbc55981f6fc404b60ff33f2b) can't be explained by "they're just converting to Bootstrap.")
-
A move to get the toolchain back to something reasonable, instead of the horrid crapfest that was pfsense-tools. This included moving from a set of patches (some of which were patches on patches) to putting those on a vendor branch.
-
Moving to a FreeBSD 10.2 base. (Might be 10.3 by the time we ship, but it's trivial to move forward. We could move to 11-CURRENT without any real effort except for the testing.)
-
Moving from PBI to pkg(ng). Note that we even package 'base' and 'kernel' now, so the whole system is upgradable with a lot less focus on releasing a BWOS than it was.
We also enabled Netmap and bhyve with a look toward the future.
Also didn't realize that you guys were the ones that developed tryforward(). That's awesome.
Thanks.
https://reviews.freebsd.org/rS290383 "Sponsored by: Rubicon Communications (Netgate)".
You know we're also the ones who enabled IPSEC by default in 11-CURRENT (probably can't make it to 10.3), and co-developed the AES-GCM module (AES-NI accelerated and not) for cryptdev(4), (this is in 10-STABLE, so it should make 10.3). and then did all the work to enable IPSec to use it, right? (This part is now in -CURRENT, but there is open debate on it being an API change sufficient to block it from 10.3-RELEASE.)
We did this, too: https://svnweb.freebsd.org/base?view=revision&revision=272906 (which is in 10.2)
There is a large list of other things we've contributed back, too.
(We also donate to the FreeBSD Foundation every year, and buy an ad in the FreeBSD Journal.)
-
-
Very nice especially when a lot of this work is going upstream for the benefit of the FreeBSD project. Very cool work. When you say that you "enabled netmap" what do you mean? I didn't think netmap was going to be a pfsense 2.x thing, more like 3.0.
One more general question, if you would be so kind: once netmap is in pfSense, do you see packet forwarding as a solved problem? Or are there even more optimizations on the horizon. Thanks.
Carlos
-
netmap is enabled
netmap-fwd is not (=the code that'll actually improve routing/forwarding)
-
Ahhh. Thanks for the clarification Heper.
Carlos
