public inbox for discuss@lists.illumos.org (since 2011-08)
 help / color / mirror / Atom feed
* [discuss] Flushing ippools
@ 2024-09-29 23:05 d
  2024-09-30  0:18 ` Joshua M. Clulow via illumos-discuss
  0 siblings, 1 reply; 4+ messages in thread
From: d @ 2024-09-29 23:05 UTC (permalink / raw)
  To: discuss

I've found that I'm not the only one to ever run into trouble flushing 
ippools:

ippool -F
0 objects flushed

Even deleting all rules that use the pool from both ipf rule sets 
doesn't help.

The workaround is to disable/re-enable ipfilter

Is it worth making a bug report?

Thanks


------------------------------------------
illumos: illumos-discuss
Permalink: https://illumos.topicbox.com/groups/discuss/T9d062e0103867ec4-M0cf5f7e008ef75d6361c2100
Delivery options: https://illumos.topicbox.com/groups/discuss/subscription

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [discuss] Flushing ippools
  2024-09-29 23:05 [discuss] Flushing ippools d
@ 2024-09-30  0:18 ` Joshua M. Clulow via illumos-discuss
  2024-09-30  8:33   ` Sad Clouds
  0 siblings, 1 reply; 4+ messages in thread
From: Joshua M. Clulow via illumos-discuss @ 2024-09-30  0:18 UTC (permalink / raw)
  To: illumos-discuss

[-- Attachment #1: Type: text/plain, Size: 626 bytes --]

On Sun, Sep 29, 2024, 16:05 d <omnios@puptv.com> wrote:

> I've found that I'm not the only one to ever run into trouble flushing
> ippools:
>
> ippool -F
> 0 objects flushed
>
> Even deleting all rules that use the pool from both ipf rule sets
> doesn't help.
>
> The workaround is to disable/re-enable ipfilter
>
> Is it worth making a bug report?
>

Always!

------------------------------------------
illumos: illumos-discuss
Permalink: https://illumos.topicbox.com/groups/discuss/T9d062e0103867ec4-M8947fcf8fde98acc31e1ead0
Delivery options: https://illumos.topicbox.com/groups/discuss/subscription

[-- Attachment #2: Type: text/html, Size: 1446 bytes --]

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [discuss] Flushing ippools
  2024-09-30  0:18 ` Joshua M. Clulow via illumos-discuss
@ 2024-09-30  8:33   ` Sad Clouds
  2024-09-30 17:30     ` Dan McDonald
  0 siblings, 1 reply; 4+ messages in thread
From: Sad Clouds @ 2024-09-30  8:33 UTC (permalink / raw)
  To: illumos-discuss

[-- Attachment #1: Type: text/plain, Size: 475 bytes --]

Solaris 11.3 ported OpenBSD pf packet filter and I've seen some performance tests from FreeBSD devs where it supposedly has much better performance compared to ipf. I wonder if Illumos devs have plans to do something similar...
------------------------------------------
illumos: illumos-discuss
Permalink: https://illumos.topicbox.com/groups/discuss/T9d062e0103867ec4-Ma0c189d90dc8b7850712a10d
Delivery options: https://illumos.topicbox.com/groups/discuss/subscription

[-- Attachment #2: Type: text/html, Size: 983 bytes --]

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [discuss] Flushing ippools
  2024-09-30  8:33   ` Sad Clouds
@ 2024-09-30 17:30     ` Dan McDonald
  0 siblings, 0 replies; 4+ messages in thread
From: Dan McDonald @ 2024-09-30 17:30 UTC (permalink / raw)
  To: illumos-discuss

On Sep 30, 2024, at 4:33 AM, Sad Clouds <cryintothebluesky@gmail.com> wrote:
> 
> Solaris 11.3 ported OpenBSD pf packet filter and I've seen some performance tests from FreeBSD devs where it supposedly has much better performance compared to ipf. I wonder if Illumos devs have plans to do something similar...

That's a big forklift upgrade.  Nobody in the community has the cycles, or the pressing-need, to perform that, no matter how good of an idea it may be.

I personally think we should decouple NAT and Firewalling.  And I believe Oxide has OPTE in their suite of software that may perform some of those NAT functions, along with possibly solving other adjacent problems.  (I haven't given OPTE a proper read; just a README skim.)

Dan


------------------------------------------
illumos: illumos-discuss
Permalink: https://illumos.topicbox.com/groups/discuss/T9d062e0103867ec4-Me679973dc0f1c3bfcaabc2c9
Delivery options: https://illumos.topicbox.com/groups/discuss/subscription

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2024-09-30 17:32 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-09-29 23:05 [discuss] Flushing ippools d
2024-09-30  0:18 ` Joshua M. Clulow via illumos-discuss
2024-09-30  8:33   ` Sad Clouds
2024-09-30 17:30     ` Dan McDonald

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).