Dummynet pipe causing system to lock up
Nikos Vassiliadis
nvass at teledomenet.gr
Thu Dec 14 06:08:56 PST 2006
On Thursday 14 December 2006 14:51, Spadge wrote:
> Hi all
>
> I'm completely baffled by how to work this problem out that I am having
> with ipfw/dummynet.
>
> I have created some ipfw rules to use a pipe which dummynet then shapes.
> The problem I appear to be having is that whenever a packet is sent to
> the pipe, the entire system locks up and I have to reboot the machine
> using the power switch. Which is completely sub-optimal, I know.
>
> I have looked through dummynet manpages, been to the dummynet website (
> http://info.iet.unipi.it/~luigi/ip_dummynet/ ), tried google; none of it
> successfully, other than I found someone who appeared to have had a
> similar problem a year or so ago, but it looks like his problem either
> just went away on its own or was never resolved, but no mention of which.
>
> ** Background Information **
>
> OS information:
>
> spadge at tobermory$ uname -a
> FreeBSD tobermory.home 6.1-RELEASE-p11 FreeBSD 6.1-RELEASE-p11 #14: Mon
> Dec 11 15:08:53 GMT 2006
> root at tobermory.home:/usr/obj/usr/src/sys/TOBERMORY i386
>
> The kernconf has the following bits for the ipfw/dummynet stuff:
>
> # For ipfw/natd
>
> options IPFIREWALL
> options IPDIVERT
> options IPFIREWALL_DEFAULT_TO_ACCEPT
> options IPFIREWALL_VERBOSE
>
> # For DUMMYNET packet shaping
> options DUMMYNET
> options HZ=1000
>
> And the following rules are what cause the problem I'm having:
>
> /sbin/ipfw add pipe 101 ip from any to any uid 1101 via $WAN in
> /sbin/ipfw add pipe 102 ip from any to any uid 1101 via $WAN out
> /sbin/ipfw pipe 101 config bw 4096kbit/s delay 200ms
> /sbin/ipfw pipe 102 config bw 512kbit/s delay 200ms
>
> $WAN is a variable set earlier in the /etc/rc.firewall rules:
>
> WAN="xl0"
> LAN="nge0"
>
> The machine is my internet gateway, running my natd, dhcpd, httpd,
> imapd, smtpd, ircd etc.
>
> What I am trying to achieve with this dummynet exercise is to put a
> delay onto everything that UID 1101 (which only runs mldonkey
> (multi-network p2p client)) sends/receives so that the rest of my LAN
> can do what it wants online (like playing online games and browsing the
> interwebs) and have mldonkey step aside gracefully when someone else
> wants the bandwidth. I got the idea from the mldonkey wiki page covering
> how to do this in linux - nice of them to spare us FreeBSD users an
> afterthought and a couple of lines at the end of the lengthy linux
> how-to, eh.
>
> link: http://mldonkey.sourceforge.net/TrafficShaping
>
> Am I missing something *completely* obvious here? What am I doing wrong?
> How can I find out more about how to do this right?
>
> The system runs fine right up until the user in the rules starts
> sending/receiving stuff, then it's goodbye system - and suddenly enough
> that I can't find a single error or panic entry in any logs covering it.
>
> Any hints or help would be great.
>
for ipfw man, BUGS section:
Rules which use uid, gid or jail based matching should be used only if
debug.mpsafenet=0 to avoid possible deadlocks due to layering violations
in its implementation.
> Thanks.
>
More information about the freebsd-net
mailing list