From owner-freebsd-bugs@FreeBSD.ORG Tue Sep 15 16:20:07 2009 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BFC06106568D for ; Tue, 15 Sep 2009 16:20:07 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id A20218FC1E for ; Tue, 15 Sep 2009 16:20:07 +0000 (UTC) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n8FGK727074161 for ; Tue, 15 Sep 2009 16:20:07 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n8FGK7gV074154; Tue, 15 Sep 2009 16:20:07 GMT (envelope-from gnats) Resent-Date: Tue, 15 Sep 2009 16:20:07 GMT Resent-Message-Id: <200909151620.n8FGK7gV074154@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, dan@more.net Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3D4DD1065670 for ; Tue, 15 Sep 2009 16:16:44 +0000 (UTC) (envelope-from root@ephemeral.more.net) Received: from ephemeral.more.net (citrus.bfo.more.net [207.160.133.174]) by mx1.freebsd.org (Postfix) with ESMTP id 22DB78FC15 for ; Tue, 15 Sep 2009 16:16:44 +0000 (UTC) Received: by ephemeral.more.net (Postfix, from userid 0) id 14747130C5A; Tue, 15 Sep 2009 10:39:36 -0500 (CDT) Message-Id: <20090915153936.14747130C5A@ephemeral.more.net> Date: Tue, 15 Sep 2009 10:39:36 -0500 (CDT) From: dan@more.net To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: Subject: kern/138850: dummynet doesn't work correctly on a bridge X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Sep 2009 16:20:07 -0000 >Number: 138850 >Category: kern >Synopsis: dummynet doesn't work correctly on a bridge >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Sep 15 16:20:07 UTC 2009 >Closed-Date: >Last-Modified: >Originator: Super Man >Release: FreeBSD 7.1-RELEASE-p7 amd64 >Organization: MOREnet >Environment: System: FreeBSD throttle.more.net 7.1-RELEASE-p6 FreeBSD 7.1-RELEASE-p6 #0: Tue Jun 9 14:55:38 UTC 2009 root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64 >Description: I've set up a bridge which works exactly as advertised. When I add a bandwith limit with dummynet, the bridge stops passing traffic. Here are the lines from my rc.conf file: ifconfig_bge0="inet 192.168.0.1 netmask 255.255.255.0" cloned_interfaces="bridge0" ifconfig_xl0="up" ifconfig_xl1="up" ifconfig_bridge0="addm xl0 addm xl1 up" firewall_enable="YES" firewall_script="/etc/ipfw.rules" dummynet_enable="YES" Here is my ipfw.rules file: throttle=10.10.10.0/24 limit=1Mbit/s ipfw -q -f flush ipfw -q add allow all from any to any via bge0 ipfw -q add allow all from any to any via xl0 ipfw -q add allow all from any to any via bridge0 ipfw -q pipe 1000 config mask dst-ip 0x000000ff bw $limit ipfw -q add pipe 1000 ip from any to $throttle via xl1 ipfw -q pipe 1001 config mask src-ip 0x000000ff bw $limit ipfw -q add pipe 1001 ip from $throttle to any via xl1 ipfw -q add 60000 allow all from any to any If I change the limit to 0 (no limit) it starts passing traffic. Change it to any value, and it stops passing traffic. I did a tcpdump of the traffic and it gets to bridge0 but not any further. I tried moving the pipes to xl0 and bridge0 and the behaviour is the same. I also tried it on FreeBSD 6.3 with the same results. If I set up the machine as a router and use basically the same rules (no bridge0) it works exacly as expected. >How-To-Repeat: Set up a FreeBSD server as a bridge, verify that it works. I have 3 interfaces: a management interface and 2 for the bridge. Enable ipfw and dummynet, use the ipfw.rules listed above (adjusted for your network). Traffic will not pass over the bridge. Change the limit to 0 and traffic will pass. I have set up 3 different servers (one with FreeBSD 6.3) and the problem was present every time. >Fix: I wish I knew. >Release-Note: >Audit-Trail: >Unformatted: