kern/138850: dummynet doesn't work correctly on a bridge
dan at more.net
dan at more.net
Tue Sep 15 16:20:07 UTC 2009
>Number: 138850
>Category: kern
>Synopsis: dummynet doesn't work correctly on a bridge
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Tue Sep 15 16:20:07 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator: Super Man
>Release: FreeBSD 7.1-RELEASE-p7 amd64
>Organization:
MOREnet
>Environment:
System: FreeBSD throttle.more.net 7.1-RELEASE-p6 FreeBSD 7.1-RELEASE-p6 #0: Tue Jun 9 14:55:38 UTC 2009 root at amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64
>Description:
I've set up a bridge which works exactly as advertised.
When I add a bandwith limit with dummynet, the bridge stops
passing traffic.
Here are the lines from my rc.conf file:
ifconfig_bge0="inet 192.168.0.1 netmask 255.255.255.0"
cloned_interfaces="bridge0"
ifconfig_xl0="up"
ifconfig_xl1="up"
ifconfig_bridge0="addm xl0 addm xl1 up"
firewall_enable="YES"
firewall_script="/etc/ipfw.rules"
dummynet_enable="YES"
Here is my ipfw.rules file:
throttle=10.10.10.0/24
limit=1Mbit/s
ipfw -q -f flush
ipfw -q add allow all from any to any via bge0
ipfw -q add allow all from any to any via xl0
ipfw -q add allow all from any to any via bridge0
ipfw -q pipe 1000 config mask dst-ip 0x000000ff bw $limit
ipfw -q add pipe 1000 ip from any to $throttle via xl1
ipfw -q pipe 1001 config mask src-ip 0x000000ff bw $limit
ipfw -q add pipe 1001 ip from $throttle to any via xl1
ipfw -q add 60000 allow all from any to any
If I change the limit to 0 (no limit) it starts passing traffic.
Change it to any value, and it stops passing traffic.
I did a tcpdump of the traffic and it gets to bridge0 but
not any further.
I tried moving the pipes to xl0 and bridge0 and the behaviour
is the same. I also tried it on FreeBSD 6.3 with the same
results.
If I set up the machine as a router and use basically the
same rules (no bridge0) it works exacly as expected.
>How-To-Repeat:
Set up a FreeBSD server as a bridge, verify that it works.
I have 3 interfaces: a management interface and
2 for the bridge.
Enable ipfw and dummynet, use the ipfw.rules listed above
(adjusted for your network).
Traffic will not pass over the bridge.
Change the limit to 0 and traffic will pass.
I have set up 3 different servers (one with FreeBSD 6.3) and
the problem was present every time.
>Fix:
I wish I knew.
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list