Date:      Wed, 22 Jan 2003 20:58:05 -0500 (EST)
From:      Orlando Reis <orlandor@m-net.arbornet.org>
To:        freebsd-questions@FreeBSD.ORG, <stable@FreeBSD.ORG>
Subject:   IPFW question in 2.2.8 release? 
Message-ID:  <20030122203818.G2277-100000@m-net.arbornet.org>

Hi, I'm sorry to bother you all, but I have the following question. I'm
using freebsd 2.2.8 with a custom gated daemon that supports QoSR. I was
told to do some tests with ipfw using the dummynet "extension". All goes well,
but after 5 or 6 minutes of testing I think IPFW fails.
If I do ipfw -a l
I get this result:
00100     482       31538   pipe 1 tcp from any to any
00100     482           0   pipe 2 tcp from any to any
00100   84236   123463858   pipe 3 tcp from any to any
00100   83898   123450062   pipe 4 tcp from any
00100     794       31538   deny ip from any to any

My guess is the firewall queues are full and it stops forwarding packets?
I cannot upgrade the freebsd version on any of the machines :( Can
someone give me some hint on how to resolve this?

I asked Luigi Rizzo for some help but I still haven't received a reply...

This was the message I sent him (with a more elaborate question, but
still the same problem):

I'm testing a QoS Routing prototype that we have implemented in Gated.
I'm running five-minute tests; every five experiences of five minutes, I
change parameters in our changed gated. Without ipfw I've reached a pretty
good solution. But my problem is when I use ipfw to simulate WAN effects
such as delay, bandwidth, loss, etc.
Until this point I'm solving the problem with the following sequence of
events in my dummynet routers:
stop gated; clear all in ipfw (including the pipes); construct the ipfw
pipes, and then start gated again.
My problem is that after 10 minutes of testing the queues get too full in
ipfw and I stop communication between dummynet routers and my normal
routers (that's what I think is happening).
Rx - means router x
DRy - means dummynet router y
On R1 and R5 I have 4 endpoints attached, each through a switch in each
one, which I use to generate and receive the traffic for further study.



                         / R2 - - - - DR1\
                       /                   \
                     /                       \
4 Endp's   - - - R1 - - - R3 - - - - DR2----- R5 - - - - - 4 Endp's.
                     \                       /
                       \                    /
                         \ R4 - - - - DR3 /


I'm using the ipfw that comes with freebsd 2.2.8. The hosts are:


DR1 - Intel celeron 333, 128 Mg, freebsd 2.2.8, original gated 3.5.11
DR2 - Intel celeron 333, 128 Mg, freebsd 2.2.8, original gated 3.5.11
DR3 - Intel celeron 333, 128 Mg, freebsd 2.2.8, original gated 3.5.11
R1 - Intel celeron 466, 128 Mg, freebsd 2.2.8, changed gated 3.5.11
R2 - Intel celeron 466, 128 Mg, freebsd 2.2.8, changed gated 3.5.11
R3 - Intel celeron 466, 128 Mg, freebsd 2.2.8, changed gated 3.5.11
R4 - Intel celeron 466, 128 Mg, freebsd 2.2.8, changed gated 3.5.11
R5 - Intel celeron 466, 128 Mg, freebsd 2.2.8, changed gated 3.5.11


ipfw rules are simple:
ipfw add pipe 1 ip from any to any via xl0
ipfw add pipe 2 ip from any to any
ipfw pipe 1 config delay 30ms
ipfw pipe 2 config delay 0ms


where the xl0 connection is between (DR1<->R5, DR2<->R5, DR3<->R5)


This is an example output of ipfw show, after the "failure":


00100      320097   475909018       pipe 1  ip from any to any via xl0
00200      319874   475892138       pipe 2  ip from any to any
65535         230       16756       deny ip from any to any

I'm saying that the problem is in ipfw, because I'm figuring that it's not
working the way it's supposed to :(
I'm trying to say that after a while it stops bridging packets from one
interface to the other, or that it doesn't forward the packets after some
amount of traffic going by.


I think I'm using all the modules that I need. I read your documentation
carefully and more than once, although I think that the documentation you
have online is for a more recent freebsd version (the option bridged only
works in freebsd 4.0 or higher).


Any help will be great, and once again sorry to bother you :(

P.S. I'm generating traffic with the netiq tool chariot.
I have tools for checking the traffic in routers R1, R3, R4 and R5.
I see traffic arriving/leaving on R1, R3, R4 but it doesn't reach R5.

