From owner-freebsd-virtualization@FreeBSD.ORG Sun Feb 21 09:14:20 2010 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CA502106566C for ; Sun, 21 Feb 2010 09:14:20 +0000 (UTC) (envelope-from jim@sifferle.net) Received: from mout.perfora.net (mout.perfora.net [74.208.4.195]) by mx1.freebsd.org (Postfix) with ESMTP id A22BD8FC0A for ; Sun, 21 Feb 2010 09:14:20 +0000 (UTC) Received: from [192.65.23.38] (c-71-59-131-234.hsd1.wa.comcast.net [71.59.131.234]) by mrelay.perfora.net (node=mrus4) with ESMTP (Nemesis) id 0LpsQp-1NG6XC49N1-00f5Xn; Sun, 21 Feb 2010 04:14:17 -0500 From: Jim Sifferle To: Julian Elischer In-Reply-To: <4B80F076.5020109@elischer.org> References: <1266739527.25137.519.camel@localhost> <4B80F076.5020109@elischer.org> Content-Type: multipart/mixed; boundary="=-w58AwRQdd3WhlWyTGpuI" Date: Sun, 21 Feb 2010 01:14:13 -0800 Message-ID: <1266743653.3871.24.camel@localhost> Mime-Version: 1.0 X-Mailer: Evolution 2.28.2 (2.28.2-1.fc12) X-Provags-ID: V01U2FsdGVkX1/X8HMJ2dJ3RDakJdJPm8NI0/l5x5XLs9QEosb IQl06pEjp7mjYiKw2WLpM6FHn0XYiIkpEplcnZMeWgZ74uh22i lQOOiBJiU1J/tXBzBSTLA== Cc: pf@freebsd.org, freebsd-virtualization@freebsd.org Subject: Re: Network simulation using jails & vimage X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Feb 2010 09:14:20 -0000 --=-w58AwRQdd3WhlWyTGpuI Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit On Sun, 2010-02-21 at 00:36 -0800, Julian Elischer wrote: > Jim Sifferle wrote: > > Hi, > > > > I've used ipfw and Dummynet as well as ipfw + DSCP recognition patch and > > pf/altq to simulate Internet and MPLS WAN environments for several > > years. All of my setups have run under VMWare, which for many reasons > > isn't ideal. I would like to collapse all of these VMs into one FreeBSD > > box using jails and vimages. > > > > Does any FreeBSD branch / vimage release combination support separate pf > > AND ipfw configurations per jail? I need ipfw+pf/altq for HFSC queuing > > to simulate the queueing effects of MPLS provider edge and core > > routers. > > -current (9) should be close, with patches for pf supplied by ceri. > > 8 can do separate ipfw but pf is not changed. > 9 has bugs fixed. but I'm not sure if the changes for pf went in.. > they do exis tif they are not in already. Hmmm... I think I need separate pf instances. I apply pf/altq QoS queues to both interfaces of the VM that simulates the MPLS provider edge router. The customer facing interface is a VLAN, and the QoS queues for this interface could be applied using the system-wide pf instance. The provider facing interface would be an eiface attached to the vimage and I don't believe available to pf at boot time. I will have to look around to see if the changes to support multiple pf instances have made it into 9-CURRENT. Where in the source tree should I look, or which mailing list would be best to ask this question on? > > I'm hoping the latest 7.2-STABLE-201001 snapshot will work. The DSCP > > recognition patch for ipfw that I rely on doesn't seem to work with > > 8.0. > > > > If 7.2 won't work for my needs, but 8 or 9-CURRENT will, is anyone aware > > of an updated ipfw DSCP patch? I haven't seen anything on Google or the > > freebsd-ipfw mailing list. > > what is DSCP? DSCP stands for Differentiated Services Code Point, a six byte field in the IP header used to differentiate between Classes of Service, and commonly used for CoS/QoS provisioning on MPLS WAN networks. The DSCP IP header field superceded the IP TOS field as of RFC 2474. Here's a pretty lightweight overview of how DSCP can be used: http://www.cisco.com/en/US/tech/tk543/tk757/technologies_tech_note09186a00800949f2.shtml For those who are interested, I've attached a simple ASCII diagram of the vimage layout I envision (and currently have using VMWare). Thanks for your help... Jim --=-w58AwRQdd3WhlWyTGpuI Content-Disposition: attachment; filename="wan-emulation.txt" Content-Type: text/plain; name="wan-emulation.txt"; charset="UTF-8" Content-Transfer-Encoding: 7bit --------------------------------------------------------------------------------------------------------------------------------------------- | Cisco 2950 48 Port Switch: Site 1: Vlan 100: LAN, Vlan 101: Internet, Vlan 102: MPLS | | Site 2: Vlan 200: LAN, Vlan 201: Internet, Vlan 202: MPLS | | Site 3: Vlan 300: LAN, Vlan 301: Internet, Vlan 302: MPLS | | Site 4: Vlan 400: LAN, Vlan 401: Internet, Vlan 402: MPLS | | | | Trunk Trunk Trunk Trunk | --------------------|-------------------------------|-------------------------------|-------------------------------|------------------------ | | | | / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ --------------------------------------------------------------------------------------------------------------------------------------------- | | | | | | | | | | | | | | | | | | | | | | ---------------------- | ---------------------- | ---------------------- | ---------------------- | | | | | | | | | | | | | | | | | | MPLS PE RTR Vimage | | | MPLS PE RTR Vimage | | | MPLS PE RTR Vimage | | | MPLS PE RTR Vimage | | | | | x2 Interfaces | | | x2 Interfaces | | | x2 Interfaces | | | x2 Interfaces | | | | | (Vlan 102, eiface) | | | (Vlan 202, eiface) | | | (Vlan 302, eiface) | | | (Vlan 302, eiface) | | | | | IPFW+DSCP/ALTQ | | | IPFW+DSCP/ALTQ | | | IPFW+DSCP/ALTQ | | | IPFW+DSCP/ALTQ | | | | | Quagga bgpd | | | Quagga bgpd | | | Quagga bgpd | | | Quagga bgpd | | | | ---------------------- | ---------------------- | ---------------------- | ---------------------- | | | | | | | | | | | | | | | | | | | | | | | ---------------------------------------------------------------------------------------------------------------------- | | | | : : : | | | | | : : : | | | | | MPLS Cloud RTR Vimage: x4 Interfaces (Via MPLS PE Router Vimages); IPFW + Dummynet Pipes / Quagga bgpd | | | | | : : : | | | | | : : : | | | | ---------------------------------------------------------------------------------------------------------------------- | | | | | | | | | | | | | | | | | | | | -------------------------------------------------------------------------------------------------------------------------- | | | | | | | | | | | Internet Cloud RTR Vimage: x4 Interfaces (Vlan 101, 201, 301, 401); IPFW + Dummynet Pipes; Static routing | | | | | | | | | | | -------------------------------------------------------------------------------------------------------------------------- | | | |-------------------------------------------------------------------------------------------------------------------------------------------- --=-w58AwRQdd3WhlWyTGpuI--