Subject: Re: Policy Routing
To: Pavel Cahyna <pavel.cahyna@st.mff.cuni.cz>
From: Ivo Vachkov <ivo.vachkov@gmail.com>
List: tech-net
Date: 06/30/2005 19:56:37
On 6/30/05, Pavel Cahyna <pcah8322@artax.karlin.mff.cuni.cz> wrote:
> On Thu, Jun 30, 2005 at 12:06:11PM +0200, Ivo Vachkov wrote:
>
> > Next problem: How to represent many, many different combinations of
> > routing rules in a common manner ???
> > And the answer - HASHING !!! :)
> >
> > Using the route command before kernel gets following info:
> > - dst - 192.168.0.0/24
> > - src - 192.168.1.0/24
> > - TOS - any
> > - L4 Proto - TCP (6)
> > - Length - any
> >
> > Now we use some hash function over all these values and get unique
> > value for that routing entry that corresponds to gateway 172.16.0.1.
> > We use this pair (hash value <-> gateway address) as key <-> value in
> > RADIX or AVL tree.
> >
> > On each outgoing packet we calculate its hash over the IP Header
> > fields, search that value in the table (tree) and route it over the
>
> How? The hashes from the packet won't match the hashes in the table.
> Because in the table, there would be address/mask entries which are not
> identical to the actual values in the packets.

Masks will be used. Just like it works now.

> Also, if you embed all the criteria in one routing table, how will you
> teach dynamic routing daemons (ospfd et al.) to add the
> source/protocol/TOS fields you need to the transient entries that they
> create in the FIB? Because now routing daemons know only about the
> dest-address criterion.

This is the Quagga/Zebra developers' problem :) Btw - since they support
Linux multiple routing tables it should be no harm to support NetBSD's
way ... it's just another #ifdef :)

> As the daemons (at least zebra/quagga) are modeled according to Cisco, it
> would be interesting to know how Cisco does it.

Hmm, I'm not aware of Zebra/Quagga doing any policy routing ...

> Bye     Pavel
>


-- 
"UNIX is basically a simple operating system, but you have to be a
genius to understand the simplicity." Dennis Ritchie
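
The objection and the reply in this thread, as an added example that is not part of the original message or of any NetBSD code: hashing raw header fields never equals the hash of a prefix rule, while masking the packet with each rule's masks before hashing does. The struct layout, the FNV-1a hash, the second rule and the sample packets are assumptions made for illustration, and the linear scan stands in for the tree lookup.

```c
#include <stdint.h>
#include <stdio.h>

#define IP(a,b,c,d) (((uint32_t)(a)<<24)|((uint32_t)(b)<<16)|((uint32_t)(c)<<8)|(uint32_t)(d))

/* Hypothetical layout: a zero mask means "any" for that field. */
struct key  { uint32_t dst, src; uint8_t proto, tos; };
struct rule { struct key match, mask; uint32_t gw; };

/* Constructed table; the first rule uses the values quoted in the thread. */
static const struct rule rules[] = {
    { { IP(192,168,0,0), IP(192,168,1,0), 6, 0 },
      { 0xffffff00u, 0xffffff00u, 0xff, 0 }, IP(172,16,0,1) },
    { { IP(10,0,0,0), 0, 0, 0 }, { 0xff000000u, 0, 0, 0 }, IP(172,16,0,2) },
};

/* FNV-1a over the field values (not raw struct bytes, which include padding). */
static uint32_t key_hash(struct key k)
{
    uint32_t w[3] = { k.dst, k.src, ((uint32_t)k.proto << 8) | k.tos };
    uint32_t h = 2166136261u;
    for (int i = 0; i < 3; i++)
        for (int s = 0; s < 32; s += 8) {
            h ^= (w[i] >> s) & 0xffu;
            h *= 16777619u;
        }
    return h;
}

/* Returns the gateway or 0. use_masks == 0 hashes the raw header fields. */
static uint32_t lookup(uint32_t dst, uint32_t src, uint8_t proto, uint8_t tos, int use_masks)
{
    for (size_t i = 0; i < sizeof(rules) / sizeof(rules[0]); i++) {
        const struct key *m = &rules[i].mask, *r = &rules[i].match;
        struct key k = { dst, src, proto, tos };
        if (use_masks) {
            k.dst &= m->dst; k.src &= m->src; k.proto &= m->proto; k.tos &= m->tos;
        }
        /* Hash first, then compare fields so a collision cannot misroute. */
        if (key_hash(k) == key_hash(*r) && k.dst == r->dst && k.src == r->src &&
            k.proto == r->proto && k.tos == r->tos)
            return rules[i].gw;
    }
    return 0;
}

int main(void)
{
    uint32_t d = IP(192,168,0,7), s = IP(192,168,1,9);   /* constructed packet */
    printf("raw: %#x masked: %#x\n", (unsigned)lookup(d, s, 6, 0x10, 0),
           (unsigned)lookup(d, s, 6, 0x10, 1));
    return 0;
}
```

The masked variant costs one hash per distinct mask combination per packet, which is the price of keeping every criterion in a single hashed table.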