Hi All

I have a nonstandard network task for my FreeBSD box: many VLANs are bridged together via a bridge interface, and specific multicast traffic must be sent from one VLAN to many (but not all) other VLANs.

I use ipfw to block traffic on unwanted outgoing interfaces.

And my question: which ipfw rules are more optimal, 1 or 2 (see 1 and 2 below), when I have about 100 incoming multicasts and about 100 VLANs?

1
=====
ipfw table Mcast1_iface_out create type iface
ipfw table Mcast1_iface_out add vlan20
ipfw table Mcast1_iface_out add vlan30
ipfw table Mcast1_iface_out add vlan40
ipfw add 25000 allow udp from IP1 to mcast1 out via table(Mcast1_iface_out)

ipfw table Mcast2_iface_out create type iface
ipfw table Mcast2_iface_out add vlan20
ipfw table Mcast2_iface_out add vlan30
ipfw add 35000 allow udp from IP1 to mcast2 out via table(Mcast2_iface_out)

ipfw table All_vlans create type iface
ipfw table All_vlans add vlan20
ipfw table All_vlans add vlan30
ipfw table All_vlans add vlan40
ipfw add 50000 deny udp from any to any via table(All_vlans)
=====


2
=====
ipfw table Mcast_vlan20_out create type addr
ipfw table Mcast_vlan20_out add 232.10.20.1/32
ipfw table Mcast_vlan20_out add 232.10.20.2/32
ipfw table Mcast_vlan20_out add 232.10.20.3/32
ipfw add 25000 allow udp from IP1 to table(Mcast_vlan20_out) out via vlan20
ipfw add 25001 deny udp from any to any via vlan20

ipfw table Mcast_vlan30_out create type addr
ipfw table Mcast_vlan30_out add 232.10.20.1/32
ipfw table Mcast_vlan30_out add 232.10.20.2/32
ipfw table Mcast_vlan30_out add 232.10.55.5/32
ipfw add 35000 allow udp from IP1 to table(Mcast_vlan30_out) out via vlan30
ipfw add 35001 deny udp from any to any via vlan30
=====


Thanks for your advice!

--
CU,
Victor Gamov
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
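
Added example (not part of the original post): a Python generator that emits both rule layouts from one group-to-VLAN mapping, so the two stay equivalent and their rule counts can be compared. POLICY and VLANS are constructed sample values, the rule numbers other than 50000 are arbitrary, and IP1 is the post's own placeholder.

```python
import ipaddress
SRC = "IP1"  # placeholder sender address, as in the post
# Constructed sample policy: multicast group -> VLANs allowed to receive it.
POLICY = {
    "232.10.20.1": ["vlan20", "vlan30"], "232.10.20.2": ["vlan20", "vlan30"],
    "232.10.20.3": ["vlan20"], "232.10.55.5": ["vlan30"],
}
VLANS = ["vlan20", "vlan30", "vlan40"]  # every bridged VLAN, used or not

def check(policy, vlans):
    """Reject non-multicast groups and VLANs missing from the bridge list."""
    for group, out in policy.items():
        if not ipaddress.ip_address(group).is_multicast:
            raise ValueError(f"{group} is not a multicast address")
        if set(out) - set(vlans):
            raise ValueError(f"{group}: VLAN not in bridge list")

def layout1(policy, vlans, base=25000):
    """Layout 1: one iface table and allow rule per group, one shared deny."""
    check(policy, vlans)
    cmds = []
    for n, group in enumerate(sorted(policy), 1):
        t = f"Mcast{n}_iface_out"
        cmds.append(f"ipfw table {t} create type iface")
        cmds += [f"ipfw table {t} add {v}" for v in sorted(policy[group])]
        cmds.append(f"ipfw add {base + n} allow udp from {SRC} to {group} out via table({t})")
    cmds.append("ipfw table All_vlans create type iface")
    cmds += [f"ipfw table All_vlans add {v}" for v in sorted(vlans)]
    cmds.append("ipfw add 50000 deny udp from any to any via table(All_vlans)")
    return cmds

def layout2(policy, vlans, base=25000):
    """Layout 2: one addr table and an allow/deny rule pair per VLAN."""
    check(policy, vlans)
    cmds = []
    for n, vlan in enumerate(sorted(vlans)):
        groups = sorted(g for g, out in policy.items() if vlan in out)
        t, num = f"Mcast_{vlan}_out", base + 2 * n
        if groups:  # a VLAN with no allowed group gets only the deny
            cmds.append(f"ipfw table {t} create type addr")
            cmds += [f"ipfw table {t} add {g}/32" for g in groups]
            cmds.append(f"ipfw add {num} allow udp from {SRC} to table({t}) out via {vlan}")
        cmds.append(f"ipfw add {num + 1} deny udp from any to any via {vlan}")
    return cmds

def rule_count(cmds):  # counts firewall rules, not table entries
    return sum(c.startswith("ipfw add ") for c in cmds)

if __name__ == "__main__":
    print("\n".join(layout2(POLICY, VLANS)))
```

With 100 groups and 100 VLANs that each receive at least one group, this generator produces 101 rules for layout 1 and 200 for layout 2. That is a count of rules only and does not measure the cost of each table lookup.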