From owner-freebsd-net Fri Jan 5 13:52: 2 2001 From owner-freebsd-net@FreeBSD.ORG Fri Jan 5 13:52:00 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from proxy.outblaze.com (proxy.outblaze.com [202.77.223.120]) by hub.freebsd.org (Postfix) with SMTP id 88B7837B400 for ; Fri, 5 Jan 2001 13:51:59 -0800 (PST) Received: (qmail 89264 invoked from network); 5 Jan 2001 21:51:52 -0000 Received: from unknown (HELO yusufg.portal2.com) (202.77.181.217) by proxy.outblaze.com with SMTP; 5 Jan 2001 21:51:52 -0000 Received: (qmail 17005 invoked by uid 500); 5 Jan 2001 21:55:56 -0000 Date: Sat, 6 Jan 2001 05:55:56 +0800 From: Yusuf Goolamabbas To: freebsd-net@freebsd.org Subject: Using DUMMYNET on a filtering bridge Message-ID: <20010106055556.A16881@outblaze.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, I seem to have a problem getting dummynet working on a filtering bridge running 4.2-stable as on Dec 6 Problem: I am trying to limit the total outbound bandwith from a certain machine. Prior to inserting the filtering bridge, it is directly connected to a switch port which is connected to the router and then to the leased line Now, I inserted a filtering bridge between the switch port and the machine. The connection looks like this FB ==> Filtering bridge switch-port -> fxp0 of FB machine with IP [A.B.C.D] -> fxp1 of FB I have bound an IP address to fxp0 of FB so I can login in there for remote and configure the box The following are the relevant options in my kernel config options NMBCLUSTERS=16384 options BRIDGE options IPFIREWALL options IPFIREWALL_VERBOSE options DUMMYNET options IPFIREWALL_DEFAULT_TO_ACCEPT I have the following in /etc/sysctl.conf net.link.ether.bridge_ipfw=1 net.link.ether.bridge=1 net.inet.ip.fw.dyn_max=10000 My rc.firewall looks like this ipfw add 100 pass all from any to any via lo0 ipfw add 200 deny all from any to 127.0.0.0/8 ipfw add 300 pass udp from 0.0.0.0 2054 to 0.0.0.0 ipfw add 400 pipe 1 ip from A.B.C.D to any in via fxp1 ipfw pipe 1 config bw 256 Kbit/s queue 30KB However, this does not seem to provide any shaping to the machine ipfw show does not show any packets/bytes counters incremented for rule 400. ipfw pipe show also shows up blank Is there some fundamental mistake I have made ? Regards, Yusuf -- Yusuf Goolamabbas yusufg@outblaze.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message