From owner-freebsd-virtualization@FreeBSD.ORG Sun Feb 21 08:18:04 2010 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8339C106566B for ; Sun, 21 Feb 2010 08:18:04 +0000 (UTC) (envelope-from jim@sifferle.net) Received: from mout.perfora.net (mout.perfora.net [74.208.4.194]) by mx1.freebsd.org (Postfix) with ESMTP id 5216F8FC0A for ; Sun, 21 Feb 2010 08:18:04 +0000 (UTC) Received: from [192.65.23.38] (c-71-59-131-234.hsd1.wa.comcast.net [71.59.131.234]) by mrelay.perfora.net (node=mrus3) with ESMTP (Nemesis) id 0MXI1F-1OFCPN3YOr-00Wspi; Sun, 21 Feb 2010 03:05:30 -0500 From: Jim Sifferle To: freebsd-virtualization@freebsd.org Content-Type: text/plain; charset="UTF-8" Date: Sun, 21 Feb 2010 00:05:27 -0800 Message-ID: <1266739527.25137.519.camel@localhost> Mime-Version: 1.0 X-Mailer: Evolution 2.28.2 (2.28.2-1.fc12) Content-Transfer-Encoding: 7bit X-Provags-ID: V01U2FsdGVkX19yolx5aZLWAWDYIKpc/AlV5J2tt8vvk1sRsDJ 6sTqkjgkhZM+GpepEDBFxIgedMliW12kz1gnNJcEYcpi+jKwFU 4gRBEEdONwFbyijj7QvTQ== Subject: Network simulation using jails & vimage X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Feb 2010 08:18:04 -0000 Hi, I've used ipfw and Dummynet as well as ipfw + DSCP recognition patch and pf/altq to simulate Internet and MPLS WAN environments for several years. All of my setups have run under VMWare, which for many reasons isn't ideal. I would like to collapse all of these VMs into one FreeBSD box using jails and vimages. Does any FreeBSD branch / vimage release combination support separate pf AND ipfw configurations per jail? I need ipfw+pf/altq for HFSC queuing to simulate the queueing effects of MPLS provider edge and core routers. I'm hoping the latest 7.2-STABLE-201001 snapshot will work. The DSCP recognition patch for ipfw that I rely on doesn't seem to work with 8.0. If 7.2 won't work for my needs, but 8 or 9-CURRENT will, is anyone aware of an updated ipfw DSCP patch? I haven't seen anything on Google or the freebsd-ipfw mailing list. Thanks for your time, Jim From owner-freebsd-virtualization@FreeBSD.ORG Sun Feb 21 08:35:18 2010 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5588A10656A8 for ; Sun, 21 Feb 2010 08:35:18 +0000 (UTC) (envelope-from julian@elischer.org) Received: from out-0.mx.aerioconnect.net (outq.internet-mail-service.net [216.240.47.240]) by mx1.freebsd.org (Postfix) with ESMTP id 3752F8FC3B for ; Sun, 21 Feb 2010 08:35:17 +0000 (UTC) Received: from idiom.com (postfix@mx0.idiom.com [216.240.32.160]) by out-0.mx.aerioconnect.net (8.13.8/8.13.8) with ESMTP id o1L8ZF8w002161; Sun, 21 Feb 2010 00:35:15 -0800 X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (h-67-100-89-137.snfccasy.static.covad.net [67.100.89.137]) by idiom.com (Postfix) with ESMTP id F07652D6021; Sun, 21 Feb 2010 00:35:14 -0800 (PST) Message-ID: <4B80F076.5020109@elischer.org> Date: Sun, 21 Feb 2010 00:36:06 -0800 From: Julian Elischer User-Agent: Thunderbird 2.0.0.23 (Macintosh/20090812) MIME-Version: 1.0 To: Jim Sifferle References: <1266739527.25137.519.camel@localhost> In-Reply-To: <1266739527.25137.519.camel@localhost> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.67 on 216.240.47.51 Cc: pf@freebsd.org, freebsd-virtualization@freebsd.org Subject: Re: Network simulation using jails & vimage X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Feb 2010 08:35:18 -0000 Jim Sifferle wrote: > Hi, > > I've used ipfw and Dummynet as well as ipfw + DSCP recognition patch and > pf/altq to simulate Internet and MPLS WAN environments for several > years. All of my setups have run under VMWare, which for many reasons > isn't ideal. I would like to collapse all of these VMs into one FreeBSD > box using jails and vimages. > > Does any FreeBSD branch / vimage release combination support separate pf > AND ipfw configurations per jail? I need ipfw+pf/altq for HFSC queuing > to simulate the queueing effects of MPLS provider edge and core > routers. -current (9) should be close, with patches for pf supplied by ceri. 8 can do separate ipfw but pf is not changed. 9 has bugs fixed. but I'm not sure if the changes for pf went in.. they do exis tif they are not in already. > > I'm hoping the latest 7.2-STABLE-201001 snapshot will work. The DSCP > recognition patch for ipfw that I rely on doesn't seem to work with > 8.0. > > If 7.2 won't work for my needs, but 8 or 9-CURRENT will, is anyone aware > of an updated ipfw DSCP patch? I haven't seen anything on Google or the > freebsd-ipfw mailing list. what is DSCP? > > Thanks for your time, > > Jim > > _______________________________________________ > freebsd-virtualization@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization > To unsubscribe, send any mail to "freebsd-virtualization-unsubscribe@freebsd.org" From owner-freebsd-virtualization@FreeBSD.ORG Sun Feb 21 08:50:07 2010 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CE3B31065676; Sun, 21 Feb 2010 08:50:07 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mail.cksoft.de (mail.cksoft.de [IPv6:2001:4068:10::3]) by mx1.freebsd.org (Postfix) with ESMTP id 85D6D8FC13; Sun, 21 Feb 2010 08:50:07 +0000 (UTC) Received: from localhost (amavis.fra.cksoft.de [192.168.74.71]) by mail.cksoft.de (Postfix) with ESMTP id E585A41C74D; Sun, 21 Feb 2010 09:50:06 +0100 (CET) X-Virus-Scanned: amavisd-new at cksoft.de Received: from mail.cksoft.de ([192.168.74.103]) by localhost (amavis.fra.cksoft.de [192.168.74.71]) (amavisd-new, port 10024) with ESMTP id M2eJQJq+aYvq; Sun, 21 Feb 2010 09:50:06 +0100 (CET) Received: by mail.cksoft.de (Postfix, from userid 66) id 2807341C707; Sun, 21 Feb 2010 09:50:06 +0100 (CET) Received: from maildrop.int.zabbadoz.net (maildrop.int.zabbadoz.net [10.111.66.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.int.zabbadoz.net (Postfix) with ESMTP id CE7294448EC; Sun, 21 Feb 2010 08:45:22 +0000 (UTC) Date: Sun, 21 Feb 2010 08:45:22 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@maildrop.int.zabbadoz.net To: Julian Elischer In-Reply-To: <4B80F076.5020109@elischer.org> Message-ID: <20100221084118.W27327@maildrop.int.zabbadoz.net> References: <1266739527.25137.519.camel@localhost> <4B80F076.5020109@elischer.org> X-OpenPGP-Key: 0x14003F198FEFA3E77207EE8D2B58B8F83CCF1842 MIME-Version: 1.0 Content-Type: MULTIPART/MIXED; BOUNDARY="0-415875220-1266741835=:27327" Content-ID: <20100221084413.D27327@maildrop.int.zabbadoz.net> Cc: pf@freebsd.org, FreeBSD virtualization mailing list Subject: Re: Network simulation using jails & vimage X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Feb 2010 08:50:07 -0000 This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. --0-415875220-1266741835=:27327 Content-Type: TEXT/PLAIN; CHARSET=ISO-8859-1; FORMAT=flowed Content-Transfer-Encoding: QUOTED-PRINTABLE Content-ID: <20100221084413.C27327@maildrop.int.zabbadoz.net> On Sun, 21 Feb 2010, Julian Elischer wrote: Hi, > Jim Sifferle wrote: >> Hi, >>=20 >> I've used ipfw and Dummynet as well as ipfw + DSCP recognition patch and >> pf/altq to simulate Internet and MPLS WAN environments for several >> years. All of my setups have run under VMWare, which for many reasons >> isn't ideal. I would like to collapse all of these VMs into one FreeBSD >> box using jails and vimages. >>=20 >> Does any FreeBSD branch / vimage release combination support separate pf >> AND ipfw configurations per jail? I need ipfw+pf/altq for HFSC queuing >> to simulate the queueing effects of MPLS provider edge and core >> routers.=20 > > -current (9) should be close, with patches for pf supplied by ceri. s,ceri,eri, (Ermal Lu=E7i) > 8 can do separate ipfw but pf is not changed. > 9 has bugs fixed. but I'm not sure if the changes for pf went in.. > they do exis tif they are not in already. No, pf hasn't gone in yet; it lives in user/eri/pf45/ in svn and I am not sure what the plans are. Apart from the latest changes 8 and 9 should be pretty much in sync wrt to VIMAGE I think. >> I'm hoping the latest 7.2-STABLE-201001 snapshot will work. The DSCP >> recognition patch for ipfw that I rely on doesn't seem to work with >> 8.0.=20 >> If 7.2 won't work for my needs, but 8 or 9-CURRENT will, is anyone aware >> of an updated ipfw DSCP patch? I haven't seen anything on Google or the >> freebsd-ipfw mailing list.=20 > > what is DSCP? I guess Differentiated Services CodePoint (if talking MPLS). /bz --=20 Bjoern A. Zeeb It will not break if you know what you are doing. --0-415875220-1266741835=:27327-- From owner-freebsd-virtualization@FreeBSD.ORG Sun Feb 21 09:14:20 2010 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CA502106566C for ; Sun, 21 Feb 2010 09:14:20 +0000 (UTC) (envelope-from jim@sifferle.net) Received: from mout.perfora.net (mout.perfora.net [74.208.4.195]) by mx1.freebsd.org (Postfix) with ESMTP id A22BD8FC0A for ; Sun, 21 Feb 2010 09:14:20 +0000 (UTC) Received: from [192.65.23.38] (c-71-59-131-234.hsd1.wa.comcast.net [71.59.131.234]) by mrelay.perfora.net (node=mrus4) with ESMTP (Nemesis) id 0LpsQp-1NG6XC49N1-00f5Xn; Sun, 21 Feb 2010 04:14:17 -0500 From: Jim Sifferle To: Julian Elischer In-Reply-To: <4B80F076.5020109@elischer.org> References: <1266739527.25137.519.camel@localhost> <4B80F076.5020109@elischer.org> Content-Type: multipart/mixed; boundary="=-w58AwRQdd3WhlWyTGpuI" Date: Sun, 21 Feb 2010 01:14:13 -0800 Message-ID: <1266743653.3871.24.camel@localhost> Mime-Version: 1.0 X-Mailer: Evolution 2.28.2 (2.28.2-1.fc12) X-Provags-ID: V01U2FsdGVkX1/X8HMJ2dJ3RDakJdJPm8NI0/l5x5XLs9QEosb IQl06pEjp7mjYiKw2WLpM6FHn0XYiIkpEplcnZMeWgZ74uh22i lQOOiBJiU1J/tXBzBSTLA== Cc: pf@freebsd.org, freebsd-virtualization@freebsd.org Subject: Re: Network simulation using jails & vimage X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Feb 2010 09:14:20 -0000 --=-w58AwRQdd3WhlWyTGpuI Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit On Sun, 2010-02-21 at 00:36 -0800, Julian Elischer wrote: > Jim Sifferle wrote: > > Hi, > > > > I've used ipfw and Dummynet as well as ipfw + DSCP recognition patch and > > pf/altq to simulate Internet and MPLS WAN environments for several > > years. All of my setups have run under VMWare, which for many reasons > > isn't ideal. I would like to collapse all of these VMs into one FreeBSD > > box using jails and vimages. > > > > Does any FreeBSD branch / vimage release combination support separate pf > > AND ipfw configurations per jail? I need ipfw+pf/altq for HFSC queuing > > to simulate the queueing effects of MPLS provider edge and core > > routers. > > -current (9) should be close, with patches for pf supplied by ceri. > > 8 can do separate ipfw but pf is not changed. > 9 has bugs fixed. but I'm not sure if the changes for pf went in.. > they do exis tif they are not in already. Hmmm... I think I need separate pf instances. I apply pf/altq QoS queues to both interfaces of the VM that simulates the MPLS provider edge router. The customer facing interface is a VLAN, and the QoS queues for this interface could be applied using the system-wide pf instance. The provider facing interface would be an eiface attached to the vimage and I don't believe available to pf at boot time. I will have to look around to see if the changes to support multiple pf instances have made it into 9-CURRENT. Where in the source tree should I look, or which mailing list would be best to ask this question on? > > I'm hoping the latest 7.2-STABLE-201001 snapshot will work. The DSCP > > recognition patch for ipfw that I rely on doesn't seem to work with > > 8.0. > > > > If 7.2 won't work for my needs, but 8 or 9-CURRENT will, is anyone aware > > of an updated ipfw DSCP patch? I haven't seen anything on Google or the > > freebsd-ipfw mailing list. > > what is DSCP? DSCP stands for Differentiated Services Code Point, a six byte field in the IP header used to differentiate between Classes of Service, and commonly used for CoS/QoS provisioning on MPLS WAN networks. The DSCP IP header field superceded the IP TOS field as of RFC 2474. Here's a pretty lightweight overview of how DSCP can be used: http://www.cisco.com/en/US/tech/tk543/tk757/technologies_tech_note09186a00800949f2.shtml For those who are interested, I've attached a simple ASCII diagram of the vimage layout I envision (and currently have using VMWare). Thanks for your help... Jim --=-w58AwRQdd3WhlWyTGpuI Content-Disposition: attachment; filename="wan-emulation.txt" Content-Type: text/plain; name="wan-emulation.txt"; charset="UTF-8" Content-Transfer-Encoding: 7bit --------------------------------------------------------------------------------------------------------------------------------------------- | Cisco 2950 48 Port Switch: Site 1: Vlan 100: LAN, Vlan 101: Internet, Vlan 102: MPLS | | Site 2: Vlan 200: LAN, Vlan 201: Internet, Vlan 202: MPLS | | Site 3: Vlan 300: LAN, Vlan 301: Internet, Vlan 302: MPLS | | Site 4: Vlan 400: LAN, Vlan 401: Internet, Vlan 402: MPLS | | | | Trunk Trunk Trunk Trunk | --------------------|-------------------------------|-------------------------------|-------------------------------|------------------------ | | | | / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ --------------------------------------------------------------------------------------------------------------------------------------------- | | | | | | | | | | | | | | | | | | | | | | ---------------------- | ---------------------- | ---------------------- | ---------------------- | | | | | | | | | | | | | | | | | | MPLS PE RTR Vimage | | | MPLS PE RTR Vimage | | | MPLS PE RTR Vimage | | | MPLS PE RTR Vimage | | | | | x2 Interfaces | | | x2 Interfaces | | | x2 Interfaces | | | x2 Interfaces | | | | | (Vlan 102, eiface) | | | (Vlan 202, eiface) | | | (Vlan 302, eiface) | | | (Vlan 302, eiface) | | | | | IPFW+DSCP/ALTQ | | | IPFW+DSCP/ALTQ | | | IPFW+DSCP/ALTQ | | | IPFW+DSCP/ALTQ | | | | | Quagga bgpd | | | Quagga bgpd | | | Quagga bgpd | | | Quagga bgpd | | | | ---------------------- | ---------------------- | ---------------------- | ---------------------- | | | | | | | | | | | | | | | | | | | | | | | ---------------------------------------------------------------------------------------------------------------------- | | | | : : : | | | | | : : : | | | | | MPLS Cloud RTR Vimage: x4 Interfaces (Via MPLS PE Router Vimages); IPFW + Dummynet Pipes / Quagga bgpd | | | | | : : : | | | | | : : : | | | | ---------------------------------------------------------------------------------------------------------------------- | | | | | | | | | | | | | | | | | | | | -------------------------------------------------------------------------------------------------------------------------- | | | | | | | | | | | Internet Cloud RTR Vimage: x4 Interfaces (Vlan 101, 201, 301, 401); IPFW + Dummynet Pipes; Static routing | | | | | | | | | | | -------------------------------------------------------------------------------------------------------------------------- | | | |-------------------------------------------------------------------------------------------------------------------------------------------- --=-w58AwRQdd3WhlWyTGpuI-- From owner-freebsd-virtualization@FreeBSD.ORG Sun Feb 21 09:24:40 2010 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D72EC1065672; Sun, 21 Feb 2010 09:24:40 +0000 (UTC) (envelope-from jim@sifferle.net) Received: from mout.perfora.net (mout.perfora.net [74.208.4.194]) by mx1.freebsd.org (Postfix) with ESMTP id 88B8F8FC0C; Sun, 21 Feb 2010 09:24:40 +0000 (UTC) Received: from [192.65.23.38] (c-71-59-131-234.hsd1.wa.comcast.net [71.59.131.234]) by mrelay.perfora.net (node=mrus3) with ESMTP (Nemesis) id 0MCLMH-1NsATa0z0j-009siq; Sun, 21 Feb 2010 04:24:38 -0500 From: Jim Sifferle To: Julian Elischer In-Reply-To: <1266743653.3871.24.camel@localhost> References: <1266739527.25137.519.camel@localhost> <4B80F076.5020109@elischer.org> <1266743653.3871.24.camel@localhost> Content-Type: text/plain; charset="UTF-8" Date: Sun, 21 Feb 2010 01:24:34 -0800 Message-ID: <1266744274.3871.26.camel@localhost> Mime-Version: 1.0 X-Mailer: Evolution 2.28.2 (2.28.2-1.fc12) Content-Transfer-Encoding: 7bit X-Provags-ID: V01U2FsdGVkX1/1ElDkZGpRhMOEPntSOep+4VBi1lZK+wtAWac HHYZJUQAWqDXMZNtXDVg5Q9xt/n9yJgzDMZ9LssYoFKPKvz7ys nSpmefeGICkoJE/38FInA== Cc: pf@freebsd.org, freebsd-virtualization@freebsd.org Subject: Re: Network simulation using jails & vimage X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Feb 2010 09:24:40 -0000 On Sun, 2010-02-21 at 01:14 -0800, Jim Sifferle wrote: > > what is DSCP? > > DSCP stands for Differentiated Services Code Point, a six byte field in I should have proofread better... the DSCP field is six bits, not bytes. :) Jim From owner-freebsd-virtualization@FreeBSD.ORG Sun Feb 21 17:13:29 2010 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E758C106566B; Sun, 21 Feb 2010 17:13:29 +0000 (UTC) (envelope-from julian@elischer.org) Received: from out-0.mx.aerioconnect.net (outt.internet-mail-service.net [216.240.47.243]) by mx1.freebsd.org (Postfix) with ESMTP id C53588FC12; Sun, 21 Feb 2010 17:13:29 +0000 (UTC) Received: from idiom.com (postfix@mx0.idiom.com [216.240.32.160]) by out-0.mx.aerioconnect.net (8.13.8/8.13.8) with ESMTP id o1LHDROk002788; Sun, 21 Feb 2010 09:13:27 -0800 X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (h-67-100-89-137.snfccasy.static.covad.net [67.100.89.137]) by idiom.com (Postfix) with ESMTP id 553872D6013; Sun, 21 Feb 2010 09:13:27 -0800 (PST) Message-ID: <4B8169EB.4030100@elischer.org> Date: Sun, 21 Feb 2010 09:14:19 -0800 From: Julian Elischer User-Agent: Thunderbird 2.0.0.23 (Macintosh/20090812) MIME-Version: 1.0 To: "Bjoern A. Zeeb" References: <1266739527.25137.519.camel@localhost> <4B80F076.5020109@elischer.org> <20100221084118.W27327@maildrop.int.zabbadoz.net> In-Reply-To: <20100221084118.W27327@maildrop.int.zabbadoz.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit X-Scanned-By: MIMEDefang 2.67 on 216.240.47.51 Cc: pf@freebsd.org, FreeBSD virtualization mailing list Subject: Re: Network simulation using jails & vimage X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Feb 2010 17:13:30 -0000 Bjoern A. Zeeb wrote: > On Sun, 21 Feb 2010, Julian Elischer wrote: > > Hi, > >> Jim Sifferle wrote: >>> Hi, >>> >>> I've used ipfw and Dummynet as well as ipfw + DSCP recognition patch and >>> pf/altq to simulate Internet and MPLS WAN environments for several >>> years. All of my setups have run under VMWare, which for many reasons >>> isn't ideal. I would like to collapse all of these VMs into one FreeBSD >>> box using jails and vimages. >>> >>> Does any FreeBSD branch / vimage release combination support separate pf >>> AND ipfw configurations per jail? I need ipfw+pf/altq for HFSC queuing >>> to simulate the queueing effects of MPLS provider edge and core >>> routers. >> >> -current (9) should be close, with patches for pf supplied by ceri. > > s,ceri,eri, (Ermal Luçi) err yeah.. it'd be nice if itcould get committed Ermal, is it ready? > > >> 8 can do separate ipfw but pf is not changed. >> 9 has bugs fixed. but I'm not sure if the changes for pf went in.. >> they do exis tif they are not in already. > > No, pf hasn't gone in yet; it lives in user/eri/pf45/ in svn and I am > not sure what the plans are. > > Apart from the latest changes 8 and 9 should be pretty much in sync > wrt to VIMAGE I think. > > >>> I'm hoping the latest 7.2-STABLE-201001 snapshot will work. The DSCP >>> recognition patch for ipfw that I rely on doesn't seem to work with >>> 8.0. If 7.2 won't work for my needs, but 8 or 9-CURRENT will, is >>> anyone aware >>> of an updated ipfw DSCP patch? I haven't seen anything on Google or the >>> freebsd-ipfw mailing list. >> >> what is DSCP? > > I guess Differentiated Services CodePoint (if talking MPLS). > > > /bz > From owner-freebsd-virtualization@FreeBSD.ORG Tue Feb 23 10:33:45 2010 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AFBC5106568F; Tue, 23 Feb 2010 10:33:45 +0000 (UTC) (envelope-from ermal.luci@gmail.com) Received: from mail-ww0-f54.google.com (mail-ww0-f54.google.com [74.125.82.54]) by mx1.freebsd.org (Postfix) with ESMTP id 199638FC12; Tue, 23 Feb 2010 10:33:44 +0000 (UTC) Received: by wwb22 with SMTP id 22so726266wwb.13 for ; Tue, 23 Feb 2010 02:33:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:received:in-reply-to :references:from:date:x-google-sender-auth:message-id:subject:to:cc :content-type; bh=bCe3hLnxPrlI311b2t9toxT5/MhFKAQpwOIey/0KnV8=; b=sFpmnEGehxudXawiFUZ3Jp2FPJ6++TLiR9CugKkgre0WqbKGmYLh8StIl6y0GepwbI XwRqatVk8isYe/sgsi9Bjit1HkNmlEoK57N4D9X5yYYggDSwa//DIk8/uWaQ42aICb8/ x4ZhLIlZN0lKxgOWAn/eskRnH1y3RQWt2ds3Y= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:cc:content-type; b=qO8YSMfk+psTv5+mGM9BeJlpevVCTuRZDiOpuLtjcVTyRWxHGTOaxgv0aBECbX6eKI u8jTZirji1EZzq1rV3qHI/S7OW/jU+v/vIkvf5rxByRHsD/rUgFn4vI6/v+irSLth/Jl /zZSzSdOWEuPER7teBXYWGBKkXZD0OMLYt2ug= MIME-Version: 1.0 Sender: ermal.luci@gmail.com Received: by 10.216.86.85 with SMTP id v63mr985531wee.32.1266919883143; Tue, 23 Feb 2010 02:11:23 -0800 (PST) In-Reply-To: <4B8169EB.4030100@elischer.org> References: <1266739527.25137.519.camel@localhost> <4B80F076.5020109@elischer.org> <20100221084118.W27327@maildrop.int.zabbadoz.net> <4B8169EB.4030100@elischer.org> From: =?ISO-8859-1?Q?Ermal_Lu=E7i?= Date: Tue, 23 Feb 2010 11:11:03 +0100 X-Google-Sender-Auth: 4f99a8d287dd534a Message-ID: <9a542da31002230211k2fb5d99do7ed574a8cd94f4d9@mail.gmail.com> To: Julian Elischer X-Mailman-Approved-At: Tue, 23 Feb 2010 10:36:46 +0000 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: "Bjoern A. Zeeb" , FreeBSD virtualization mailing list , pf@freebsd.org Subject: Re: Network simulation using jails & vimage X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Feb 2010 10:33:45 -0000 On Sun, Feb 21, 2010 at 6:14 PM, Julian Elischer wrote= : > Bjoern A. Zeeb wrote: > >> On Sun, 21 Feb 2010, Julian Elischer wrote: >> >> Hi, >> >> Jim Sifferle wrote: >>> >>>> Hi, >>>> >>>> I've used ipfw and Dummynet as well as ipfw + DSCP recognition patch a= nd >>>> pf/altq to simulate Internet and MPLS WAN environments for several >>>> years. All of my setups have run under VMWare, which for many reasons >>>> isn't ideal. I would like to collapse all of these VMs into one FreeB= SD >>>> box using jails and vimages. >>>> >>>> Does any FreeBSD branch / vimage release combination support separate = pf >>>> AND ipfw configurations per jail? I need ipfw+pf/altq for HFSC queuin= g >>>> to simulate the queueing effects of MPLS provider edge and core >>>> routers. >>>> >>> >>> -current (9) should be close, with patches for pf supplied by ceri. >>> >> >> s,ceri,eri, (Ermal Lu=E7i) >> > > err yeah.. > > it'd be nice if itcould get committed > > Ermal, is it ready? > > It is usable look at http://svn.freebsd.org/base/user/eri/pf45/head/. For vnet pfsync/pflow/pflog needs some fixes still. > > >> >> 8 can do separate ipfw but pf is not changed. >>> 9 has bugs fixed. but I'm not sure if the changes for pf went in.. >>> they do exis tif they are not in already. >>> >> >> No, pf hasn't gone in yet; it lives in user/eri/pf45/ in svn and I am >> not sure what the plans are. >> >> Apart from the latest changes 8 and 9 should be pretty much in sync >> wrt to VIMAGE I think. >> >> >> I'm hoping the latest 7.2-STABLE-201001 snapshot will work. The DSCP >>>> recognition patch for ipfw that I rely on doesn't seem to work with >>>> 8.0. If 7.2 won't work for my needs, but 8 or 9-CURRENT will, is anyon= e >>>> aware >>>> of an updated ipfw DSCP patch? I haven't seen anything on Google or t= he >>>> freebsd-ipfw mailing list. >>>> >>> >>> what is DSCP? >>> >> >> I guess Differentiated Services CodePoint (if talking MPLS). >> >> >> /bz >> >> > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" > --=20 Ermal