bug-hurd
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: GSoC: the plan for the project network virtualization


From: olafBuddenhagen
Subject: Re: GSoC: the plan for the project network virtualization
Date: Wed, 2 Jul 2008 05:10:25 +0200
User-agent: Mutt/1.5.18 (2008-05-17)

Hi,

On Mon, Jun 30, 2008 at 04:44:36PM +0200, zhengda wrote:

> I said the multiplexer (or the hypervisor, I'm not very sensitive to
> the  name:-) can have multiple interfaces and there was a "filter"
> behind  every interface. The filter here actually means the BPF
> implementation (maybe this  confused you). But I didn't think about
> who gave the filter rules.

Ah, I see. So there was some confusion between the (optionally)
optimized internal implementation, and how it appears to the outside...

> At the beginning, I thought the rules associated with an interface
> could  apply to all clients connected to the interface, so the rules
> might be  from the user who creates the interface. But as you said,
> every client can give its own rules and the rule can be  from the
> pfinet server and even the filter translator.

Right.

Note however that making the multiplexer handle rules both from the
clients and from filter translators is not trivial. It requires figuring
out how to merge rules correctly; it requires making sure that the
client can never override rules set by the filter translator.

That's why I suggest leaving this optimization for a later step;
initially having the filter translator run its own BPF implementation,
and the multiplexer only handle the client rules. So the filter and the
multiplexer are really seperate, not only in function, but also in
implementation.

-antrik-




reply via email to

[Prev in Thread] Current Thread [Next in Thread]