* [discuss] Flushing ippools
@ 2024-09-29 23:05 d
2024-09-30 0:18 ` Joshua M. Clulow via illumos-discuss
0 siblings, 1 reply; 4+ messages in thread
From: d @ 2024-09-29 23:05 UTC (permalink / raw)
To: discuss
I've found that I'm not the only one to ever run into trouble flushing
ippools:
ippool -F
0 objects flushed
Even deleting all rules that use the pool from both ipf rule sets
doesn't help.
The workaround is to disable/re-enable ipfilter
Is it worth making a bug report?
Thanks
------------------------------------------
illumos: illumos-discuss
Permalink: https://illumos.topicbox.com/groups/discuss/T9d062e0103867ec4-M0cf5f7e008ef75d6361c2100
Delivery options: https://illumos.topicbox.com/groups/discuss/subscription
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [discuss] Flushing ippools
2024-09-29 23:05 [discuss] Flushing ippools d
@ 2024-09-30 0:18 ` Joshua M. Clulow via illumos-discuss
2024-09-30 8:33 ` Sad Clouds
0 siblings, 1 reply; 4+ messages in thread
From: Joshua M. Clulow via illumos-discuss @ 2024-09-30 0:18 UTC (permalink / raw)
To: illumos-discuss
[-- Attachment #1: Type: text/plain, Size: 626 bytes --]
On Sun, Sep 29, 2024, 16:05 d <omnios@puptv.com> wrote:
> I've found that I'm not the only one to ever run into trouble flushing
> ippools:
>
> ippool -F
> 0 objects flushed
>
> Even deleting all rules that use the pool from both ipf rule sets
> doesn't help.
>
> The workaround is to disable/re-enable ipfilter
>
> Is it worth making a bug report?
>
Always!
------------------------------------------
illumos: illumos-discuss
Permalink: https://illumos.topicbox.com/groups/discuss/T9d062e0103867ec4-M8947fcf8fde98acc31e1ead0
Delivery options: https://illumos.topicbox.com/groups/discuss/subscription
[-- Attachment #2: Type: text/html, Size: 1446 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [discuss] Flushing ippools
2024-09-30 0:18 ` Joshua M. Clulow via illumos-discuss
@ 2024-09-30 8:33 ` Sad Clouds
2024-09-30 17:30 ` Dan McDonald
0 siblings, 1 reply; 4+ messages in thread
From: Sad Clouds @ 2024-09-30 8:33 UTC (permalink / raw)
To: illumos-discuss
[-- Attachment #1: Type: text/plain, Size: 475 bytes --]
Solaris 11.3 ported OpenBSD pf packet filter and I've seen some performance tests from FreeBSD devs where it supposedly has much better performance compared to ipf. I wonder if Illumos devs have plans to do something similar...
------------------------------------------
illumos: illumos-discuss
Permalink: https://illumos.topicbox.com/groups/discuss/T9d062e0103867ec4-Ma0c189d90dc8b7850712a10d
Delivery options: https://illumos.topicbox.com/groups/discuss/subscription
[-- Attachment #2: Type: text/html, Size: 983 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [discuss] Flushing ippools
2024-09-30 8:33 ` Sad Clouds
@ 2024-09-30 17:30 ` Dan McDonald
0 siblings, 0 replies; 4+ messages in thread
From: Dan McDonald @ 2024-09-30 17:30 UTC (permalink / raw)
To: illumos-discuss
On Sep 30, 2024, at 4:33 AM, Sad Clouds <cryintothebluesky@gmail.com> wrote:
>
> Solaris 11.3 ported OpenBSD pf packet filter and I've seen some performance tests from FreeBSD devs where it supposedly has much better performance compared to ipf. I wonder if Illumos devs have plans to do something similar...
That's a big forklift upgrade. Nobody in the community has the cycles, or the pressing-need, to perform that, no matter how good of an idea it may be.
I personally think we should decouple NAT and Firewalling. And I believe Oxide has OPTE in their suite of software that may perform some of those NAT functions, along with possibly solving other adjacent problems. (I haven't given OPTE a proper read; just a README skim.)
Dan
------------------------------------------
illumos: illumos-discuss
Permalink: https://illumos.topicbox.com/groups/discuss/T9d062e0103867ec4-Me679973dc0f1c3bfcaabc2c9
Delivery options: https://illumos.topicbox.com/groups/discuss/subscription
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2024-09-30 17:32 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-09-29 23:05 [discuss] Flushing ippools d
2024-09-30 0:18 ` Joshua M. Clulow via illumos-discuss
2024-09-30 8:33 ` Sad Clouds
2024-09-30 17:30 ` Dan McDonald
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).