[Gvpe] Ideas for features

Marc Lehmann schmorp at schmorp.de
Thu Aug 3 16:43:31 CEST 2006


On Wed, Jan 25, 2006 at 01:11:47PM +0300, Thomas Koeppe <thomas.koeppe at kdn.co.ke> wrote:
> 1) Traffic shaping and policing: This would be very useful to allow 
> several concurrent virtual bridges.

This, however, collides with the philosophy of gvpe: gvpe does not
duplicate code that is available elsewhere. traffic shaping is the job of
the operating system, which does a much better job.

Many vpn solutions have their own ipv4-routing and other features, which
requires users to

   a) learn a second language. somebody who knows ipv4 routing still has
      to learn another "routing language" because the vpn tool forces
      him/her to use its routing.
   b) are usually more limited than the host. linux and bsd kernels generally
      have very good routing capabilities. Duplicating all this in gvpe
      will likely result in a suboptimal implementation.

Worse, a lot of time and effort is required to reinvent the wheel. Just
use whats there already.

The above applies to any feature that is already implemented in common
operating system kernels (or elsewhere). If it isn't implemented in the
kernel you want to use, the implementing it there will help many more
people then implementing it in gvpe.

> 2) 801.2d features: View the MAC FDB, limits the FDB's size, disable MAC 
> learning (i.e. flooding mode), MAC filtering; implement (R)STP so that 
> the virtual bridge may participate in L2 topology discovery.

Likewise, all this can and should be done using your normal operating system
features. Linux offers support for all of that, duplicating it in gvpe
will cost a lot of time and will likely make it more complex and as such
fragile.

Keeping things simple is for the better, especially in security-sensitive
applications.

-- 
                The choice of a
      -----==-     _GNU_
      ----==-- _       generation     Marc Lehmann
      ---==---(_)__  __ ____  __      pcg at goof.com
      --==---/ / _ \/ // /\ \/ /      http://schmorp.de/
      -=====/_/_//_/\_,_/ /_/\_\      XX11-RIPE



More information about the gvpe mailing list