dummynet.expire q'n
rihad
rihad at mail.ru
Mon Feb 4 23:30:07 PST 2008
Hi,
From FreeBSD 7.0's ipfw manual:
net.inet.ip.dummynet.expire: 1
Lazily delete dynamic pipes/queue once they have no pending traf-
fic. You can disable this by setting the variable to 0, in which
case the pipes/queues will only be deleted when the threshold is
reached.
Can a kernel guru enlighten me if there's any risk of a pipe going away
from under your feet when an existing firewall rule is using it,
resulting in a dead link where no traffic can be passed? As I don't
really know how "lazy deletion" works, It's very important this never
happens, so I've set this to 0 just to be safe, but the pipe count is
growing!
# ipfw pipe show | awk '$2 == "ip"' | wc -l
229
with only 60 or so active ipfw pipe rules that triggered pipe creation.
It seems that deleting an ipfw pipe rule will not delete the pipe behind
it when net.inet.ip.dummynet.expire is 0? OTOH, won't setting it to 1
make pipes suddenly disappear by whatever "lazy deletion" means?
Thanks.
More information about the freebsd-ipfw
mailing list