From owner-freebsd-net@FreeBSD.ORG Sun Nov 9 19:31:19 2014 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 67434D4B for ; Sun, 9 Nov 2014 19:31:19 +0000 (UTC) Received: from mail-wi0-x22a.google.com (mail-wi0-x22a.google.com [IPv6:2a00:1450:400c:c05::22a]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id DFDE0D0A for ; Sun, 9 Nov 2014 19:31:18 +0000 (UTC) Received: by mail-wi0-f170.google.com with SMTP id r20so8244071wiv.5 for ; Sun, 09 Nov 2014 11:31:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=R7sj18n4m5d/zYYJfnLPUDXGUxg8AooYaZJAE/WXSnU=; b=IdLY1IjI+Xn7S3VPdkDzRJZrRrwSu5KXXPcrQQh8wq3w75F+D6taYJSq9VcbcwiyeD yAewWWL8Ao4/ru+HGk6PXNSXqBQ499T8zSNXCj7xJSb21fJMSHznSP7L+8/UxqhTpchx HC0SxTy6bouT+YOsLo3RzvmOrEN7zzOWbcr67Sg6W4GuOif1+LzBToVEm3N6cJMoVKl/ uNTLagzTv38fkcJCTH9BsAq9PUtKZLjiBuXOykfIeeFljkwqQ7fSnFC18lT4tNOKmIJL qZUo5CeeTdicSb59mEeITZZsD5xBLFglKPVrs4pKuH2GIyeNVbPIthp+BoGYJj5SZaD/ 3hHA== MIME-Version: 1.0 X-Received: by 10.180.101.102 with SMTP id ff6mr24577061wib.0.1415561476522; Sun, 09 Nov 2014 11:31:16 -0800 (PST) Received: by 10.217.92.7 with HTTP; Sun, 9 Nov 2014 11:31:16 -0800 (PST) In-Reply-To: <9C799778-79DC-4D5F-BA5C-EA94A573ED10@freebsdbrasil.com.br> References: <9C799778-79DC-4D5F-BA5C-EA94A573ED10@freebsdbrasil.com.br> Date: Sun, 9 Nov 2014 17:31:16 -0200 Message-ID: Subject: Re: netmap-ipfw on em0 em1 From: Evandro Nunes To: Patrick Tracanelli , Luigi Rizzo Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.18-1 Cc: "freebsd-net@freebsd.org" , Mahnaz Talebi X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 09 Nov 2014 19:31:19 -0000 hello again patrick On Sun, Nov 9, 2014 at 12:54 AM, Patrick Tracanelli < eksffa@freebsdbrasil.com.br> wrote: > > (Machine-A)<-->Machine-B<--->(MachineC) > > > > Machine-A: > > em0 172.16.251.3/24 > > > > Machine-B: > > em1: 172.16.251.1/24 > > em2: 172.16.252.1/24 > > 10.0-STABLE w/ latest netmap-ipfw and netmap code from google code > > repository > > > > Machine-C: > > em0 172.16.252.3/24 > > Now, your scenario is a typical routing topology. kipfw has no packet > forwarding capabilities whats why when you start it, you are out of > forwarding capabilities and therefore, out of communication between machine > A and C because they just need it in your topology. > > So for your testing purposes read again what Mahaza said: > > >> ipfw works as a bridge and copy > >> incoming packets to em0 to em1 if they pass defined rules (and vice > versa, > >> from em1 to em0). > > Got it? kipfw will work as a BRIDGE and COPY between the NIC ports. > > Therefore on your topology do a simple change: > > Machine-C: > ifconfig em0 172.16.251.4/24 > > So machine C will be in the same network of machine A. > > WITHOUT kipfw you will be OUT of communication. If you want to have > communication without kipfw please configure if_bridge(4) properly. > > Now WHEN you ./kipfw netmap:em1 netmap:em2 you will BRIDGE em1 and em2 > ports and therefore you will HAVE communication between the NICS. > > And you are done, just as a miracle! Thanks to Luigi. > YES IT WORKED YES thank you VERY MUCH for the kind help and for making it clear all the stuff I missed reading, yes I assume I should have read more or at least understood now I can see how the things works and it does work THANK YOU again very much > Now its time to have some fun: > > ipfw/ipfw add pipe 1 all from 172.16.251.0/24 to 172.16.251.0/24 > ipfw/ipfw pipe 1 config bw 128Kbit/s delay 300 > > and now ping machine-A and machine-C and see dummynet working as > expected... > > I believe you can keep on with your testings now!!! :-) > yes it worked as well now let me ask you all, other than click, does netmap offers something that can do packet forwarding? simple packet forwarding like the scenario I was trying before? I know this is not kipfw and not bridge but is there something? thank you > BTW Luigi, I see netmap was commited to GENERIC on -CURRENT. I believe it > may be a good idea to add netmap-ipfw to the base system now, to both > promote more testing and also to be a good companion to netmap on GENERIC. > I dont mean a new ipfw-netmap binary under /sbin/ but just the code on > /usr/src/tools/tools. > yes and some handbook or a better README that at least mentions the correct syntax for the tools I think adrian chadd mentioned something about that in an earlier message > > I've been using netmap-ipfw for a while and sure it lacks more flexbility > like the ability to kipfw several ports, etc. But as it is right now, it's > very stable and reliable for a preliminary code. Thats why I believe it > should be on the base system. Thank you very much for the incredible > technology. > > > > > > > > > > > > > > > > > >