doesn't dummynet work with vlan ?
Yavuz Maşlak
yavuz.maslak at ihlas.net.tr
Thu Jun 7 19:13:06 UTC 2012
Hello there
I use freebsd8.2
I added dummynet and other followings into the kernel;
options IPFIREWALL #firewall
options IPFIREWALL_VERBOSE #print information about
options IPFIREWALL_FORWARD #enable trasparent proxy support
options IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by default
options HZ=1000
options DUMMYNET
options IPDIVERT
options DEVICE_POLLING
I have 4 networks which seperate from eachother with vlan.
I wish to bandlimit for every vlan network using dummynet.
I have 2 ethernet cards for that. one of them is wan other one is inbound is
tagged.
vlan works well
I configured a network to limit using dummynet; ipfw.sh
###
ipfw -f flush
ipfw pipe 11 config bw 2Mbit/s # Vlan104
ipfw pipe 12 config bw 2Mbit/s # 6.Port on the switch
ipfw add pipe 11 ip from any to 10.12.4.0/24 in via em0
ipfw add pipe 12 ip from 10.12.4.0/24 to any out xmit em0
###
em0 is for outside in the server.
as a client my pc is in vlan104 namely i am behind the firewall
when i execute the ipfw.sh, I can't reach to the internet.
ipfw add pipe 12 ip from 10.12.4.0/24 to any out xmit em0
above line works it actually limits but ;
ipfw add pipe 11 ip from any to 10.12.4.0/24 in via em0
above line doesn't work properly
it obstructs my http and icmp requests. so i can't reach to internet.
Whereas i remove "ipfw add pipe 11 ip from any to 10.12.4.0/24 in via em0"
from ipfw.sh
I can either ping at outbound or reach to internet.
I tried vlan104 instead of em0 "in via em0"
that doesn't help me.
I don't use proxy. I use nat
What can be the problem ?
Thanks
More information about the freebsd-questions
mailing list