Date: Mon, 12 Oct 1998 18:41:07 -0400 (EDT) From: Vince Vielhaber <vev@michvhf.com> To: freebsd-net@FreeBSD.ORG Subject: ipfw and dummynet Message-ID: <XFMail.981012184107.vev@michvhf.com>
next in thread | raw e-mail | index | archive | help
I'm having a problem with ipfw and dummynet - but I'm not sure that
dummynet has anything to do with it.
First some background. I'm running a news server that I sometimes need
to limit bandwidth coming from certain sites - but not all and not all
the time which is why I don't want to tell any of them to limit what they
send me.
I installed the patches to 2.2.7-REL for dummynet and enabled it in
the kernel and built a new kernel with these options:
options IPFIREWALL
options DUMMYNET
The problem I'm having is that even with only one rule:
ipfw add pipe 1 ip from any to any and
ipfw pipe 1 config bw 100MB/s
only the local subnet can get in. After a while (no specific timeframe
that I've found) it starts allowing traffic from outside. After a while
it closes down again. This can/has even happen(ed) right from bootup.
There seems to be no pattern to it and the only thing I can find in
/var/log/messages is:
Oct 12 17:35:25 marge /kernel: arplookup 209.57.60.17 failed: host is not on
local network
There's a string of these from anything that tried to contact it - the
above is from one of my machines on a different subnet. When these
messages stop the traffic again flows.
After chatting with Luigi about it, he thought it may have been running
out of mbufs, so I added this to the config:
options "NMBCLUSTERS=7000"
and once again rebuilt. Same thing. I've even tried powering the
machine down for a while and restarting it (just in case), but it's the
same thing. But there's no sign of it from netstat -m:
347 mbufs in use:
183 mbufs allocated to data
86 mbufs allocated to packet headers
76 mbufs allocated to protocol control blocks
2 mbufs allocated to socket names and addresses
87/412 mbuf clusters in use
867 Kbytes allocated to network (25% in use)
0 requests for memory denied
0 requests for memory delayed
0 calls to protocol drain routines
There is no traffic flowing right now as I cut-n-pasted this.
With the above rule, this should be maxing out both T1's and occasionally
it will. But then it'll close down again.
Any suggestions?
Vince.
--
==========================================================================
Vince Vielhaber -- KA8CSH email: vev@michvhf.com flame-mail: /dev/null
# include <std/disclaimers.h> TEAM-OS2
Online Searchable Campground Listings http://www.camping-usa.com
"There is no outfit less entitled to lecture me about bloat
than the federal government" -- Tony Snow
==========================================================================
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.981012184107.vev>