ALTQ, pf and VLANs

Max Laier max at love2party.net
Thu Mar 31 10:42:39 PST 2005 

On Thursday 31 March 2005 19:29, Marko Čuk wrote:
> I am still running 5.3-RELEASE-p5 and there is
>
> /*$FreeBSD: src/sys/dev/em/if_em.c,v 1.44.2.2 2004/10/15 22:12:59
> tackerman Exp $*/
>
> , obviously unpatched and bad driver. I'll try to cvsup to 5.4-PRE, but
> I'm a little worried with stability, as this is my main firewall for
> whole network.
>
> 2nd thing... try to disable it manually ? What :) ? I don't quite
> understand you on that .

Whoops, sorry - work blindness.  I meant to say: Try to disable the hardware 
supported VLAN tagging manually $ifconfig em0 -vlanhwtag

> ifconfig em1 disable ? :)  I have traffic on it :)  ( I'll be running
> carp as soon and pfsync as I'll learn how to and if it will work fine
>
> :) , to have redaudant firewall )
>
> Cuk
>
> Max Laier wrote:
> >On Thursday 31 March 2005 04:38, Marko Čuk wrote:
> >>Max, that solution works fine. I have tried it and it works fine for me.
> >>
> >>Thanks.
> >>
> >>Anyway, do you know some issues with dropping traffic on em0 vlan
> >>enabled interfaces and  tcpdump-ing ? The average traffic, that we
> >>tcpdump is cca 10-20mbit/s and when tcpdump-ing, we get allmost 90%
> >>packet loss on interfaces. Any clue ?
> >
> >Ugh, I know of such an issue, but was thinking that it should be fixed by
> > now. Can you make sure that you have your kernel/em(4) built with if_em.c
> > 1.44.2.6 or later?  The effect should simply be that it disables VLAN
> > hardware support which doesn't seem to work with promiscuous mode.  You
> > could also try to disable it manually (ifconfig) to see if that improves
> > on the packet loss.
> >
> >>Marko
> >>
> >>Max Laier wrote:
> >>>On Tuesday 29 March 2005 20:28, Marko Čuk wrote:
> >>>>Will that be fixed in 5.4 ? Right now, today it won't work without a
> >>>>patch.
> >>>>
> >>>>pfctl: vlan0: driver does not support altq
> >>>
> >>>Please see:
> >>>http://lists.freebsd.org/mailman/htdig/freebsd-net/2005-February/006456.
> >>>ht ml
> >>>
> >>>If you still can't live without ALTQ rate-limitting on VLAN submit a PR
> >>>and throw it my way.

-- 
/"\  Best regards,                      | mlaier at freebsd.org
\ /  Max Laier                          | ICQ #67774661
 X   http://pf4freebsd.love2party.net/  | mlaier at EFnet
/ \  ASCII Ribbon Campaign              | Against HTML Mail and News
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20050331/efbd6d7b/attachment.bin

More information about the freebsd-stable mailing list