From mboxrd@z Thu Jan  1 00:00:00 1970
From: Rene Gallati <lartc@draxinusom.ch>
Date: Tue, 30 Mar 2004 22:56:52 +0000
Subject: [LARTC] large routing table
Message-Id: <4069FB34.6000507@draxinusom.ch>
List-Id: <lartc.vger.kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
To: lartc@vger.kernel.org

Hello List,

I have a little non-standard problem (or so I guess). I'm getting a=20
sponsored server on a backbone for almost nothing - which is quite nice.=20
However there is a string attached: Since the bandwith to foreign=20
countries is expensive, while in-land bandwith is almost free, I need to=20
shape down access to all "foreign" IPs.

Now I have a (large) list of routes/prefixes for destinations which are=20
ok - a whitelist if you want. The question I have now is, how do I best=20
proceed in using that list so that the kernel does not spend too much=20
time looking it up for every single packet.

Is the routing table hashed by default so access is fast and I can just=20
pump in the ~100KBytes of ip prefixes ? Or does it traverse them=20
linearly and I need to build a hierarchical structure so that it will be=20
fast ? (sort of like in section 12.4 of the LARTC howto with the filters?)

I've also toyed with the idea of doing it in netfilter since I know=20
netfilter quite a lot better than tc and ip but it is mostly outgoing=20
traffic that is a problem and I sort of feel that this is better done by=20
the routing/filtering infrastructure than by the firewall.

Any advice?

Thanks in advance

Ren=E9
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/