Outline of Lecture 4: Packet Processing Frameworks

A general overview of the networking system in FreeBSD and a description of how each framework fits into the system.

Berkeley Packet Filter: One of the earliest, and simplest, packet processing framworks, BPF is used not only by the tcpdump program and libpcap library, but also by applications that want raw access to filtered packets via a socket(2) interface.

IP Firewall and Dummynet: IPFW is the most commonly deployed firewall solution on FreeBSD. The lecture looks into how it works and delves into dummynet.

Packet Filter: Originally imported from OpenBSD, PF is widely used in building firewalls. The lecture compares the implementation of PF with that of IPFW and distinguish the places where one or the other of these technologies would be appropriate.

Netgraph: The netgraph system allows developers to experiment with new protocols throught the use of small packet processing modules (called nodes). Nodes allow for greater code re-use than the traditional TCP/IP stack. Netgraph implements a novel data-flow model of packet processing that is different from anything else in the FreeBSD kernel.

Netmap: The netmap framework is the latest addition to the FreeBSD kernel, allowing network applications that want raw access to packets to bypass the kernel completely, and thereby get the greatest bandwidth possible. Writing code to work with netmap is similar to writing a network device driver, and this section covers what is necesary to interact with, and efficiently use, the netmap framework.