Date: Mon, 15 Mar 1999 20:49:39 +0100 From: Karel Taft <Karel.Taft@SkyNet.CZ> To: freebsd-questions@FreeBSD.ORG Subject: ipfw and dummynet Message-ID: <36ED6453.36D02A1A@SkyNet.CZ>
next in thread | raw e-mail | index | archive | help
Hello,
we are running 3.1-STABLE and using dummynet for setting the bandwith.
Our server has 3 net interfaces:
de0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 195.119.190.2 netmask 0xffffff00 broadcast 195.119.190.255
ether 00:40:33:9f:18:51
media: 10baseT/UTP status: active
supported media: autoselect 100baseTX <full-duplex> 100baseTX
10baseT/UTP <full-duplex> 10baseT/UTP
ed0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 193.165.208.1 netmask 0xfffffff8 broadcast 193.165.208.7
ether 00:20:18:62:dd:2e
ed1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 193.165.192.1 netmask 0xffffff00 broadcast 193.165.192.255
ether 00:20:18:62:dd:3d
lp0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500
tun0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
sl0: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 552
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet 127.0.0.1 netmask 0xff000000
If I set this ipfw rules:
/sbin/ipfw add 1100 pipe 11 ip from any to 193.165.214.5 out xmit ed1
/sbin/ipfw add 1110 pipe 11 ip from any to 193.165.214.64/26 out xmit
ed1
/sbin/ipfw add 1120 pipe 11 ip from any to 193.165.214.128/26 out xmit
ed1
/sbin/ipfw add 1130 pipe 11 ip from any to 193.165.214.192/29 out xmit
ed1
/sbin/ipfw pipe 11 config bw 64Kbit/sec
/sbin/ipfw add 1200 pipe 12 ip from 193.165.214.5 to any in recv ed1
/sbin/ipfw add 1210 pipe 12 ip from 193.165.214.64/26 to any in recv ed1
/sbin/ipfw add 1220 pipe 12 ip from 193.165.214.128/26 to any in recv
ed1
/sbin/ipfw add 1230 pipe 12 ip from 193.165.214.192/29 to any in recv
ed1
/sbin/ipfw pipe 12 config bw 512Kbit/sec
/sbin/ipfw add 1300 pipe 13 ip from any to 193.165.200.0/24 out xmit ed1
/sbin/ipfw add 1310 pipe 13 ip from any to 193.165.201.0/24 out xmit ed1
/sbin/ipfw add 1320 pipe 13 ip from any to 193.165.192.6 out xmit ed1
/sbin/ipfw pipe 13 config bw 90Kbit/sec
/sbin/ipfw add 1400 pipe 14 ip from any to 193.165.212.0/24 out xmit ed1
/sbin/ipfw add 1410 pipe 14 ip from any to 193.165.208.16/28 out xmit
ed1
/sbin/ipfw add 1420 pipe 14 ip from any to 193.165.192.10 out xmit ed1
/sbin/ipfw pipe 14 config bw 64Kbit/sec
/sbin/ipfw add 1500 pipe 15 ip from any to 193.165.192.32 out xmit ed1
/sbin/ipfw pipe 15 config bw 64Kbit/sec
/sbin/ipfw add 1600 pipe 16 ip from any to 193.165.214.6 out xmit ed1
/sbin/ipfw pipe 16 config bw 32Kbit/sec
/sbin/ipfw add 1700 pipe 17 ip from any to 193.165.192.33 out xmit ed1
/sbin/ipfw pipe 17 config bw 34Kbit/sec
/sbin/ipfw add 1800 pipe 18 ip from any to 193.165.202.0/24 out xmit ed1
/sbin/ipfw add 1810 pipe 18 ip from any to 193.165.192.40 out xmit ed1
/sbin/ipfw add 1820 pipe 18 ip from any to 193.165.192.42 out xmit ed1
/sbin/ipfw pipe 18 config bw 128Kbit/sec
/sbin/ipfw add 1900 pipe 19 ip from 193.165.202.0/24 to any in recv ed1
/sbin/ipfw add 1910 pipe 19 ip from 193.165.192.40 to any in recv ed1
/sbin/ipfw add 1920 pipe 19 ip from 193.165.192.42 to any in recv ed1
/sbin/ipfw pipe 19 config bw 128Kbit/sec
/sbin/ipfw add 2000 pipe 20 ip from 193.165.194.0/24 to any in recv ed1
/sbin/ipfw add 2010 pipe 20 ip from 193.165.195.0/24 to any in recv ed1
/sbin/ipfw add 2020 pipe 20 ip from 193.165.196.0/24 to any in recv ed1
/sbin/ipfw add 2030 pipe 20 ip from 193.165.198.128/26 to any in recv
ed1
/sbin/ipfw pipe 20 config bw 512Kbit/sec
/sbin/ipfw add 2100 pipe 21 ip from any to 193.165.194.0/24 out xmit ed1
/sbin/ipfw add 2110 pipe 21 ip from any to 193.165.195.0/24 out xmit ed1
/sbin/ipfw add 2120 pipe 21 ip from any to 193.165.196.0/24 out xmit ed1
/sbin/ipfw add 2130 pipe 21 ip from any to 193.165.198.128/26 out xmit
ed1
/sbin/ipfw pipe 21 config bw 512Kbit/sec
/sbin/ipfw add 2200 pipe 22 ip from any to 193.165.192.34 out xmit ed1
/sbin/ipfw pipe 22 config bw 32Kbit/sec
/sbin/ipfw add 2300 pipe 23 ip from 193.165.192.34 to any in recv ed1
/sbin/ipfw pipe 23 config bw 32Kbit/sec
evering works fine, but after 5 - 10 minutes some IP adresses from
local net 193.165.192.0/24 disappear from routing table (I can't
see it using netstat -rn) and disappear from arp table this machine too.
It is not possible to ping to some machines.
If I delete the pipe rules (ipfw dele ...) it helps and all is OK.
Do you have any idea what's wrong?
This is ipfw list:
00100 allow tcp from 195.119.190.2 to any 80 out xmit de0
00100 allow tcp from 195.119.190.2 to any 80 out xmit de0
00150 allow tcp from any to 194.149.118.164 80 out xmit de0
00150 allow tcp from any to 194.149.118.164 80 out xmit de0
00151 allow tcp from any to 194.213.194.6 80 out xmit de0
00151 allow tcp from any to 194.213.194.6 80 out xmit de0
00200 fwd 127.0.0.1,3128 tcp from any to any 80 out xmit de0
00200 fwd 127.0.0.1,3128 tcp from any to any 80 out xmit de0
00300 allow tcp from 193.165.208.1 to any 80 out xmit ed0
00300 allow tcp from 193.165.208.1 to any 80 out xmit ed0
00350 allow tcp from any to 194.149.118.164 80 out xmit ed0
00350 allow tcp from any to 194.149.118.164 80 out xmit ed0
00351 allow tcp from any to 194.213.194.6 80 out xmit ed0
00351 allow tcp from any to 194.213.194.6 80 out xmit ed0
00400 fwd 127.0.0.1,3128 tcp from any to any 80 out xmit ed0
00400 fwd 127.0.0.1,3128 tcp from any to any 80 out xmit ed0
01100 pipe 11 ip from any to 193.165.214.5 out xmit ed1
01110 pipe 11 ip from any to 193.165.214.64/26 out xmit ed1
01120 pipe 11 ip from any to 193.165.214.128/26 out xmit ed1
01130 pipe 11 ip from any to 193.165.214.192/29 out xmit ed1
01200 pipe 12 ip from 193.165.214.5 to any in recv ed1
01210 pipe 12 ip from 193.165.214.64/26 to any in recv ed1
01220 pipe 12 ip from 193.165.214.128/26 to any in recv ed1
01230 pipe 12 ip from 193.165.214.192/29 to any in recv ed1
01300 pipe 13 ip from any to 193.165.200.0/24 out xmit ed1
01310 pipe 13 ip from any to 193.165.201.0/24 out xmit ed1
01320 pipe 13 ip from any to 193.165.192.6 out xmit ed1
01400 pipe 14 ip from any to 193.165.212.0/24 out xmit ed1
01410 pipe 14 ip from any to 193.165.208.16/28 out xmit ed1
01420 pipe 14 ip from any to 193.165.192.10 out xmit ed1
01500 pipe 15 ip from any to 193.165.192.32 out xmit ed1
01600 pipe 16 ip from any to 193.165.214.6 out xmit ed1
01700 pipe 17 ip from any to 193.165.192.33 out xmit ed1
01800 pipe 18 ip from any to 193.165.202.0/24 out xmit ed1
01810 pipe 18 ip from any to 193.165.192.40 out xmit ed1
01820 pipe 18 ip from any to 193.165.192.42 out xmit ed1
01900 pipe 19 ip from 193.165.202.0/24 to any in recv ed1
01910 pipe 19 ip from 193.165.192.40 to any in recv ed1
01920 pipe 19 ip from 193.165.192.42 to any in recv ed1
02000 pipe 20 ip from 193.165.194.0/24 to any in recv ed1
02010 pipe 20 ip from 193.165.195.0/24 to any in recv ed1
02020 pipe 20 ip from 193.165.196.0/24 to any in recv ed1
02030 pipe 20 ip from 193.165.198.128/26 to any in recv ed1
02100 pipe 21 ip from any to 193.165.194.0/24 out xmit ed1
02110 pipe 21 ip from any to 193.165.195.0/24 out xmit ed1
02120 pipe 21 ip from any to 193.165.196.0/24 out xmit ed1
02130 pipe 21 ip from any to 193.165.198.128/26 out xmit ed1
02200 pipe 22 ip from any to 193.165.192.34 out xmit ed1
02300 pipe 23 ip from 193.165.192.34 to any in recv ed1
65535 allow ip from any to any
--
Regards
Karel Taft, Internet Manager Bohemia.Net
---------------------------------------------------------
* * SkyNet a.s., Ptas`i'nske'ho 6, 602 00 Brno
* | |-*--> http://www.cz, http://www.brno.bohemia.net
<--*-| | * tel: +420.5.41594159, fax: +420.5.41594100
* * e-mail: Karel.Taft@SkyNet.CZ
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?36ED6453.36D02A1A>