From owner-freebsd-questions  Sat May  8  2:44:38 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from cygnus.rush.net (cygnus.rush.net [209.45.245.133])
	by hub.freebsd.org (Postfix) with ESMTP id CF38E14DDA
	for <questions@freebsd.org>; Sat,  8 May 1999 02:44:35 -0700 (PDT)
	(envelope-from bright@rush.net)
Received: from localhost (bright@localhost)
	by cygnus.rush.net (8.9.3/8.9.3) with SMTP id FAA11348;
	Sat, 8 May 1999 05:06:09 -0500 (EST)
Date: Sat, 8 May 1999 05:06:07 -0500 (EST)
From: Alfred Perlstein <bright@rush.net>
To: John F Cuzzola <vdrifter@ocis.net>
Cc: questions@freebsd.org
Subject: Re: Packet Forwarding
In-Reply-To: <Pine.LNX.3.96.990507212029.3685A-100000@ocis.ocis.net>
Message-ID: <Pine.BSF.3.96.990508045938.7628c-100000@cygnus.rush.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Fri, 7 May 1999, John F Cuzzola wrote:

re-posted to -questions so we can both get a better understanding
of BRIDGE:

> > 
> > I've found that enabling BRIDGE in my kernel worked nicely (the ED1,ED2
> > machine)
> > 
> > man bridge
> > 
> > (you can even ipfw filter bridged packets! :) )
> > 
> > however with -current i'm getting panics with divert sockets and bridge
> > enabled at the same time, choose bridge, or nat it seems for now.
> > 
> > -Alfred
> 
> 
> Thanks sincerely for the help. I recompiled the kernel and tried it out.
> Although it works, the system (a celeron 366, 32 Megs ram) slowed to a
> crawl making it unusable. Any ideas on how to speed things up? The box
> contains 3 network cards so they all go into promiscous mode when I only
> need bridging from ed1->ed3. To complicate things I'm using ip
> masquerading(with natd) from ed1->ed2(a private network)... sigh...

Lukier than I, using divert sockets + BRIDGE panics my machine.  :)

That sort of slowdown is pretty bad, however I'm quite sure it's
possibile to only turn on bridging on select interfaces, why
don't you try "sysctl -a" and look at the options given to you
around "bridge"?  

One of the reasons the mcahine may be hosing out is because you
somehow made a circular bridge and packets may circulate, try 
running tcpdump to make sure it's not happening.

What does the system's "netstat -w 1" and "top" output show for
system CPU usage?

-Alfred



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message