I have just release ethfilter version 1.0.0 on sourceforge:
http://sourceforge.net/projects/ethfilter
ethfilter is a ethernet layer packet filter which, amongst other things,
permits multiple 802.1D bridges to operate on a single Linux machine. It
does this by creating multiple virutal network devices (layered on top
of a single physical ethernet interface) and configuring each to
accept/receive Ethernet frames that match different layer 2 and/or layer
3 QoS parameters (e.g. DiffServ/IP Precedence and/or 802.1Q and/or 802.3
MAC address).
Each virtual network device (ethfilter device) can then be attached to a
seperate 802.1D bridge so that ethernet traffic can be bridged based on
source MAC address, layer 3 precedence (IP Tos Precedence field in IP
header), layer 2 precedence (priority field in 802.1Q ethernet header)
and VLAN identifier (again defined in 802.1Q ethernet header).
ethfilter is particularly useful when it is necessary to bridge ethernet
traffic which has different quality of service (QoS) requirements.
Ethernet frames coming for a Voice over IP (VoIP) or Video on Demand
(VoD) application have real-time demands and are sensitive to delay and
jitter (i.e. they are isochronous in nature). On the other hand,
Ethernet frames coming from a web browser application or ftp session are
much more tolerent to delay and delay variation. Thus when bridging
ethernet traffic it is sensible to bridge/route VoIP/VoD traffic over a
network which offers minimal jitter and delay and bridge/route traffic
from a web browser over one that isn''t. This is where ethfilter comes
it.
Here''s an example of how the ethfilter could be used in
conjunction with two 802.1D bridges to bridge 802.1q tagged
Ethernet frames over one RFC2684 ATM/AAL5 VC and all other
(untagged) frames over a second.
---------------------------------
| bridge 0 | bridge 1 |
---------------------------------
| nas32 | eth0,0 | eth0,1 | nas33 |
------- ----------------- -------
| AAL5 | eth0 | AAL5 |
------- ----------------- -------
| ATM | | ATM |
------- -------
This project is designed to run on Linux and is a patch to kernel
version 2.4.31.
To subscribe to the ethfilter mailing list here:
http://lists.sourceforge.net/lists/listinfo/ethfilter-general
Dave
-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
Carl-Daniel Hailfinger
2005-Jun-28 15:47 UTC
Re: ethfilter - layer 2/3 ethernet packet filter
Hi, Dave Pegler schrieb:> I have just release ethfilter version 1.0.0 on sourceforge: > > http://sourceforge.net/projects/ethfilter > > ethfilter is a ethernet layer packet filter which, amongst other things, > permits multiple 802.1D bridges to operate on a single Linux machine. It > does this by creating multiple virutal network devices (layered on top > of a single physical ethernet interface) and configuring each to > accept/receive Ethernet frames that match different layer 2 and/or layer > 3 QoS parameters (e.g. DiffServ/IP Precedence and/or 802.1Q and/or 802.3 > MAC address).How is this different from ebtables+iptables on traditional linux bridges?> This project is designed to run on Linux and is a patch to kernel > version 2.4.31.And why did you develop this on an obsolete kernel tree? Regards, Carl-Daniel -- http://www.hailfinger.org/ ------------------------------------------------------- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click