Date: Thu, 24 Jun 2021 17:55:17 -0700 From: Michael Sierchio <kudzu@tenebras.com> To: "freebsd-ipfw@freebsd.org" <freebsd-ipfw@freebsd.org> Subject: Dummynet in monolithic kernel broken on stable/12-n233319-c419c8231fb arm64 Message-ID: <CAHu1Y73sF7F-ah2C4fvRc0qznmM=AkeqynczVV5BH0E1uXQ1Ng@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
--000000000000001bf005c58c9a51 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable For numerous reasons, I've been building security appliances with a monolithic kernel for a long time. A recent git pull on the stable/12 branch from github has borked dummynet. *root@graviton-1:/etc/ipfw 242#* ipfw pipe 1 config gred 0.01/12/36/0.75 noerror ipfw: net.inet.ip.dummynet.red_lookup_depth must be greater than zero *root@graviton-1:/etc/ipfw 243#* sysctl net.inet.ip.dummynet.red_lookup_depth=3D256 sysctl: oid 'net.inet.ip.dummynet.red_lookup_depth' is read only Interesting, but inconvenient. Just happened upon reboot. Attempting to set in /boot/loader.conf doesn't work. Any advice? Many (if not all) of the dummynet sysctls are borked *root@graviton-1:~ 201#* sysctl net.inet.ip.dummynet.red_max_pkt_size=3D150= 0 sysctl: oid 'net.inet.ip.dummynet.red_max_pkt_size' is read only *michael.sierchio@graviton-1:~ 201>* sysctl net.inet.ip.dummynet net.inet.ip.dummynet.io_pkt_drop: 0 net.inet.ip.dummynet.io_pkt_fast: 0 net.inet.ip.dummynet.io_pkt: 0 net.inet.ip.dummynet.queue_count: 0 net.inet.ip.dummynet.fsk_count: 0 net.inet.ip.dummynet.si_count: 0 net.inet.ip.dummynet.schk_count: 0 net.inet.ip.dummynet.expire_cycle: 0 net.inet.ip.dummynet.expire: 0 net.inet.ip.dummynet.tick_lost: 0 net.inet.ip.dummynet.tick_diff: 0 net.inet.ip.dummynet.tick_adjustment: 0 net.inet.ip.dummynet.tick_delta_sum: 0 net.inet.ip.dummynet.tick_delta: 0 net.inet.ip.dummynet.red_max_pkt_size: 0 net.inet.ip.dummynet.red_avg_pkt_size: 0 net.inet.ip.dummynet.red_lookup_depth: 0 net.inet.ip.dummynet.debug: 0 net.inet.ip.dummynet.io_fast: 0 net.inet.ip.dummynet.pipe_byte_limit: 1048576 net.inet.ip.dummynet.pipe_slot_limit: 100 net.inet.ip.dummynet.hash_size: 64 net.inet.ip.dummynet.fqpie.limit: 10240 net.inet.ip.dummynet.fqpie.flows: 1024 net.inet.ip.dummynet.fqpie.quantum: 1514 net.inet.ip.dummynet.fqpie.beta: 1250 net.inet.ip.dummynet.fqpie.alpha: 125 net.inet.ip.dummynet.fqpie.max_ecnth: 99 net.inet.ip.dummynet.fqpie.max_burst: 150000 net.inet.ip.dummynet.fqpie.tupdate: 15000 net.inet.ip.dummynet.fqpie.target: 15000 net.inet.ip.dummynet.fqcodel.limit: 10240 net.inet.ip.dummynet.fqcodel.flows: 1024 net.inet.ip.dummynet.fqcodel.quantum: 1514 net.inet.ip.dummynet.fqcodel.interval: 100000 net.inet.ip.dummynet.fqcodel.target: 5000 net.inet.ip.dummynet.pie.beta: 1250 net.inet.ip.dummynet.pie.alpha: 125 net.inet.ip.dummynet.pie.max_ecnth: 99 net.inet.ip.dummynet.pie.max_burst: 150000 net.inet.ip.dummynet.pie.tupdate: 15000 net.inet.ip.dummynet.pie.target: 15000 net.inet.ip.dummynet.codel.interval: 100000 net.inet.ip.dummynet.codel.target: 5000 --=20 "Well," Brahm=C4=81 said, "even after ten thousand explanations, a fool is = no wiser, but an intelligent person requires only two thousand five hundred." - The Mah=C4=81bh=C4=81rata --000000000000001bf005c58c9a51--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAHu1Y73sF7F-ah2C4fvRc0qznmM=AkeqynczVV5BH0E1uXQ1Ng>