From mboxrd@z Thu Jan 1 00:00:00 1970 MIME-Version: 1.0 In-Reply-To: <20090324213537.268005B05@mail.bitblocks.com> References: <9511f83e0903241211j711f29c7y8085d9a8744d9a87@mail.gmail.com> <9ab217670903241245o1893f818vb01ae7e30ab4d8cf@mail.gmail.com> <9511f83e0903241305p6ea4a0c5k582582e87443577d@mail.gmail.com> <20090324213537.268005B05@mail.bitblocks.com> Date: Tue, 24 Mar 2009 19:00:54 -0400 Message-ID: <9511f83e0903241600v21f4681bj846bbb6e8f69cc31@mail.gmail.com> From: Rahul Murmuria To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: Re: [9fans] Plan 9 on Routers? Topicbox-Message-UUID: c3e48e14-ead4-11e9-9d60-3106f5b1d025 So, the bottom line is no one has really explored Plan 9 on routers. It seems that /net/iproute is where I can start. It has a complete interface for editing routes. What we need is a user space script that implements routing, like http://www.openbgp.org/ does on OpenBSD. Except that, it will only have to send add, delete and flush control messages to the iproute file. This is not quite as powerful as most routers do. I remember Mauro mentioning that Cisco IOS provides, among other things, a more fine-grained control over passwords and information-hiding to the per-interface level. I wonder how that would be incorporated into Plan 9. Could namespaces come into picture here? @ Devon: About Packet Classification. I read that iptables is not needed on Plan 9 because its "mount /net over the network" concept achieved anonymity or transparency -- something along those lines. "There are no logs about who is sending what, and that is a good thing". I am not sure where exactly the packet classification idea fits in. I read in the /proc documents that /proc/net provides useful information about the network stack. There is this ip_conntrack which is used to list / track network connections. I wonder what we would need to get packet information and perform filtering. Is it desirable to get that filtering to work if it already does not exist? Thank you all for replying so far! -- Rahul Murmuria