kern/138850: dummynet doesn't work correctly on a bridge

dan at more.net dan at more.net
Tue Sep 15 16:20:07 UTC 2009 

>Number:         138850
>Category:       kern
>Synopsis:       dummynet doesn't work correctly on a bridge
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Sep 15 16:20:07 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator:     Super Man
>Release:        FreeBSD 7.1-RELEASE-p7 amd64
>Organization:
MOREnet
>Environment:
System: FreeBSD throttle.more.net 7.1-RELEASE-p6 FreeBSD 7.1-RELEASE-p6 #0: Tue Jun 9 14:55:38 UTC 2009 root at amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64


>Description:
	I've set up a bridge which works exactly as advertised.
	When I add a bandwith limit with dummynet, the bridge stops
	passing traffic.

	Here are the lines from my rc.conf file:

ifconfig_bge0="inet 192.168.0.1 netmask 255.255.255.0"
cloned_interfaces="bridge0"
ifconfig_xl0="up"
ifconfig_xl1="up"
ifconfig_bridge0="addm xl0 addm xl1 up"
firewall_enable="YES"
firewall_script="/etc/ipfw.rules"
dummynet_enable="YES"

	Here is my ipfw.rules file:

throttle=10.10.10.0/24
limit=1Mbit/s

ipfw -q -f flush
ipfw -q add allow all from any to any via bge0
ipfw -q add allow all from any to any via xl0
ipfw -q add allow all from any to any via bridge0

ipfw -q pipe 1000 config mask dst-ip 0x000000ff bw $limit
ipfw -q add pipe 1000 ip from any to $throttle via xl1

ipfw -q pipe 1001 config mask src-ip 0x000000ff bw $limit
ipfw -q add pipe 1001 ip from $throttle to any via xl1

ipfw -q add 60000 allow all from any to any

	If I change the limit to 0 (no limit) it starts passing traffic.
	Change it to any value, and it stops passing traffic.

	I did a tcpdump of the traffic and it gets to bridge0 but
	not any further.

	I tried moving the pipes to xl0 and bridge0 and the behaviour
	is the same.  I also tried it on FreeBSD 6.3 with the same 
	results.

	If I set up the machine as a router and use basically the
	same rules (no bridge0) it works exacly as expected.
>How-To-Repeat:
	Set up a FreeBSD server as a bridge, verify that it works.
		I have 3 interfaces: a management interface and
			2 for the bridge.
	Enable ipfw and dummynet, use the ipfw.rules listed above 
		(adjusted for your network).
	Traffic will not pass over the bridge.
	Change the limit to 0 and traffic will pass.

	I have set up 3 different servers (one with FreeBSD 6.3) and
	the problem was present every time.

>Fix:
	I wish I knew.


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-bugs mailing list