Re: xt_RAWNAT target idea


 



>
> On Jan 14 2008 10:53, Patrick McHardy wrote:
>>>
>>> - tc is a real black-box to most users;
>>>   lack of documentation (despite lartc.org efforts)
>>
>> That should be fixed by writing documentation, not code :)
>
> I would rather try obsoleting it.
>
>>> At which point I would be asking: why is tc trying to do the same
>>> as netfilter mangling targets?
>>
>> Well, true, it would be nice to be able to do this within
>> netfilter without TC actions. But adding a new chain to the
>> raw table is a high price, every new netfilter hook costs
>> quite a bit of performance. Why not simply do this in the
>> mangle table? That will also make rerouting in OUTPUT work
>> as a side effect.
>
> That may just work.
>
>> Another issue is IPv6 support. Everyone agrees that we don't
>> want to support IPv6 NAT. So this would have to be removed.
>
> There is a need for IPv6 (conntrackful) NAT actually, just like there is
> for DHCPv6. Hiding hosts (you want websites to know how many devices you
> have?) or when your ISP runs a pay-per-address model.

I'll second that with transparent service proxying.
We all agree it's not nice and should be avoided, but there are real-world
situations that need it in some form.

Amos Jeffries
Squid Development Team

