Date: Tue, 28 May 2002 17:38:05 -0700 From: "Mike Grissom" <mikeyg@igalaxy.net> To: <freebsd-questions@freebsd.org> Subject: Re: configuring dummynet/ipfw in bridging mode Message-ID: <09a001c206a9$19ba61c0$0301a8c0@mikeyg> References: <F10E013C394AD411A2F10008C75DF4823D4383@xch-knt-01.nw.nos.boeing.com>
next in thread | previous in thread | raw e-mail | index | archive | help
With bridge enabled, you cannot use the "out" keyword in the rules because say it comes in on say fxp0 and goes out on fxp1, that means that fxp1 is actually sending it out so you would use "via fxp1" ----- Original Message ----- From: "Albuquerque, Marcelo M" <marcelo.m.albuquerque@boeing.com> To: <freebsd-questions@FreeBSD.ORG> Sent: Tuesday, May 28, 2002 5:14 PM Subject: configuring dummynet/ipfw in bridging mode > I am using FreeBSD 4.5 and have 3 NIC cards installed. Traffic is being > bridged between the three interfaces. I am trying to configure ipfw such > that I can have different impairments (delay, losses, etc..) between each > possible pair of NIC cards. It seems to be a simple setup but I'm having > problems getting it to work. The following is my testbed setup: > > ___________________ > | | > 192.168.1.1 ------------ | FreeBSD 4.5 Bridge | ------------ > 192.168.1.2 > |___________________| > | > | > 192.168.1.3 > > The following command works fine: ' ipfw add 100 deny ip from any to any > in recv fxp0 ' > The result is that when I ping from or to the ip address connected to fxp0 > it will timeout. > > I expected the same to happen with the following command: ' ipfw add 100 > deny ip from any to any out xmit fxp0 ' > The result is that pings from or to the ip address connected to fxp0 are > successful. The same happens if I replace 'xmit' with 'recv' > > My ultimate goal is to use the following command: ' ipfw add 100 deny ip > from any to any out recv fxp0 xmit fxp0 ' > This will also fail like in the previous case, even though this command is > shown as an example in the ipfw(8) documentation. This will allow me to have > a set of impairments for each pair of NICs, in each direction. > > The same thing happen if a pipe is created and configured with impairments > such as a 100ms delay. > > Can anyone help me figure out what is wrong with my setup/configuration. > > Thanks. > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?09a001c206a9$19ba61c0$0301a8c0>