From owner-freebsd-isp@FreeBSD.ORG Fri Oct 6 10:37:37 2006 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E5E4B16A403; Fri, 6 Oct 2006 10:37:37 +0000 (UTC) (envelope-from Tyrone@TelecityRedbus.se) Received: from s200aog12.obsmtp.com (s200aog12.obsmtp.com [207.126.144.126]) by mx1.FreeBSD.org (Postfix) with SMTP id 3DCBA43D5E; Fri, 6 Oct 2006 10:37:36 +0000 (GMT) (envelope-from Tyrone@TelecityRedbus.se) Received: from source ([195.149.172.5]) by eu1sys200aob012.postini.com ([207.126.147.11]) with SMTP; Fri, 06 Oct 2006 10:37:32 UTC Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-MimeOLE: Produced By Microsoft Exchange V6.5 Date: Fri, 6 Oct 2006 12:37:32 +0200 Message-ID: In-Reply-To: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Dummynet,VLAN and CARP broken?? Thread-Index: AcbpLFTjGrthcXWmTJafZwTkIxW2awABx4SQ From: To: , Cc: Subject: RE: Dummynet,VLAN and CARP broken?? X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Oct 2006 10:37:38 -0000 I found out that you still need to let carp packets through even though all you doing is traffic shaping=20 So ipfw add 1 allow carp from any to any=20 Did the trick for me=20 Regards tyrone -----Original Message----- From: owner-freebsd-isp@freebsd.org [mailto:owner-freebsd-isp@freebsd.org] On Behalf Of Tyrone@TelecityRedbus.se Sent: den 6 oktober 2006 11:46 To: freebsd-ipfw@freebsd.org; freebsd-isp@freebsd.org Subject: Dummynet,VLAN and CARP broken?? Hi Running FreeBSD6.1-RC Kernel compiled with the following=20 options IPFIREWALL #firewall options IPFIREWALL_VERBOSE #enable logging to syslogd(8) options IPFIREWALL_FORWARD #enable transparent proxy options IPFIREWALL_VERBOSE_LIMIT=3D100 #limit verbosity options IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by options IPDIVERT #divert sockets options DUMMYNET options BRIDGE options HZ=3D1000=09 options FAST_IPSEC options TCP_SIGNATURE device crypto device cryptodev device carp Problem is with the CARP addresses staying in the "master" "master" position when I have dummynet stripping bandwidth on that vlan. I take the dummnet config away then the carp interfaces go to "master" and "backup" as required. My dummynet configs look like this ipfw pipe 100 config bw 10500Kbit/s #setup shaping pipes 10Mbit ipfw queue 1 config pipe 100 weight 100 ipfw queue 2 config pipe 100 weight 100 ipfw add 1000 queue 1 ip from any to any in via vlan148 =20 ipfw add 1000 queue 2 ip from any to any out via vlan148 I have an open FW so no carp message should be blocked is dummynet broken? Regards Tyrone This e-mail is intended only for the use of the addressees named above and may be confidential.=20 If you are not an addressee you must not use any information contained in nor copy it nor inform any person other than the addressees of its existence or contents.=20 _______________________________________________ freebsd-isp@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-isp To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" This e-mail is intended only for the use of the addressees named above an= d may be confidential. = If you are not an addressee you must not use any information contained in= nor copy it nor inform any person other than the addressees of its exist= ence or contents. = =0D