Date: Wed, 8 Oct 2003 13:06:24 +0200 (CEST) From: Harti Brandt <brandt@fokus.fraunhofer.de> To: Franky <franky@is.net.pl> Cc: "vjardin@wanadoo.fr"@www.solutions.net.pl Subject: Re: Odp: Re: Odp: Re: patm, idt, ipfw - next adentures Message-ID: <20031008130057.B63940@beagle.fokus.fraunhofer.de> In-Reply-To: <20031007194614.685322304B@arrakis.solutions.net.pl> References: <20031007194614.685322304B@arrakis.solutions.net.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 7 Oct 2003, Franky wrote: F>> I suppose there is a bad interaction between HARP and IPFW. Can you F>> tell me what I should need to configure IPFW (the simplest configuration F>> (I suppose this would be to pass all packets)). I'll try it, but it may take a day or two. I'm now testing with options IPFIREWALL options IPFIREWALL_DEFAULT_TO_ACCEPT by ping -f -s20000 This runs for more than 24 hourse with the idt driver without a problem. Could you please switch of polling and look what it does? F>> F>ok, you can try this: F>-kernel part of my configuration: F>#device patm F>#device utopia F>device atm F>device harp F>options ATM_CORE F>options ATM_IP F>options ATM_SIGPVC F>options LIBMBPOOL F>options NATM F>#device idt F>options HZ=1000 F>options DEVICE_POLLING F>options PANIC_REBOOT_WAIT_TIME=9 F>options IPFIREWALL F>options IPDIVERT F>options IPFIREWALL_FORWARD F>options IPFIREWALL_DEFAULT_TO_ACCEPT F>options DUMMYNET F>options IPSTEALTH F>options PPP_BSDCOMP F>options PPP_DEFLATE F>#options PUC_FASTINTR F>options NMBCLUSTERS=65536 F>options NBUF=8192 F>-syctl part: F>sysctl kern.polling.enable=1 F>sysctl net.inet.ip.fw.one_pass=0 F>sysctl -w net.inet.ip.dummynet.hash_size=65536 F>-ipfw part: F>ipfw pipe 1 config bw 5000Kbit/s queue 4Kbytes F>ipfw queue 10 config weight 65 pipe 1 buckets 4096 mask dst-ip 0x0000ffff F>ipfw queue 11 config weight 35 pipe 1 buckets 4096 mask dst-ip 0x0000ffff F> F>ipfw add 510 queue 10 all from 192.168.1.0/26 to any out via x0 F>ipfw add 511 queue 11 all from not 192.168.1.0/26 to any out via x0 F> F>There is something else, tcpdump doesn't work with filter options (like host F>xxx.xxx.xxx.xxx) probably with others too. F>Last night I did cvs on router with atm and now when I turn ipfw on atm F>"pseudo" interfaces I get F>message: no buffer space available . F>Idt send new messages too: F>ct 6 23:30:32 ordos kernel: idt0: BUFFER STATUS: small=510/510, F>large=510/510. F>Oct 6 23:32:38 ordos kernel: idt0: Cannot add large buffers, size=0. F>Oct 6 23:34:17 ordos kernel: idt0: BUFFER STATUS: small=510/510, F>large=510/510. All this seems like an mbuf leak somewhere. harti -- harti brandt, http://www.fokus.fraunhofer.de/research/cc/cats/employees/hartmut.brandt/private brandt@fokus.fraunhofer.de, harti@freebsd.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031008130057.B63940>