From owner-freebsd-ipfw@FreeBSD.ORG  Thu Sep 21 18:26:51 2006
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
X-Original-To: freebsd-ipfw@freebsd.org
Delivered-To: freebsd-ipfw@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B7C8F16A494
	for <freebsd-ipfw@freebsd.org>; Thu, 21 Sep 2006 18:26:51 +0000 (UTC)
	(envelope-from mrutman@widevine.com)
Received: from seamail003.widevine.com (seamail003.widevine.com
	[67.105.198.43])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 0335343D45
	for <freebsd-ipfw@freebsd.org>; Thu, 21 Sep 2006 18:26:50 +0000 (GMT)
	(envelope-from mrutman@widevine.com)
Received: from seamail002.widevine.com (seamail002.widevine.com [10.200.10.15])
	by seamail003.widevine.com (8.13.4/8.13.4) with ESMTP id k8LIQnE8012995
	for <freebsd-ipfw@freebsd.org>; Thu, 21 Sep 2006 11:26:49 -0700 (PDT)
Received: from [10.100.2.133] ([10.100.254.2]) by seamail002.widevine.com with
	Microsoft SMTPSVC(5.0.2195.6713); Thu, 21 Sep 2006 11:26:48 -0700
Mime-Version: 1.0
Message-Id: <a0623090cc10ba9f66aa1@[192.168.99.40]>
Date: Thu, 21 Sep 2006 14:26:37 -0400
To: freebsd-ipfw@freebsd.org
From: Michael Rutman <mrutman@widevine.com>
Content-Type: text/plain; charset="us-ascii"
X-OriginalArrivalTime: 21 Sep 2006 18:26:48.0833 (UTC)
	FILETIME=[804D3F10:01C6DDAB]
X-SMTP-Vilter-Version: 1.1.9
X-SMTP-Vilter-Virus-Backend: clamd
X-SMTP-Vilter-Status: clean
X-SMTP-Vilter-clamd-Virus-Status: clean
X-SMTP-Vilter-Unwanted-Backend: attachment
X-SMTP-Vilter-attachment-Unwanted-Status: clean
Subject: DummyNet in Bridge mode help
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Sep 2006 18:26:51 -0000


I am unable to get dummynet to do anything for me

I am using FreeBSD 6.1.

I recompiled the kernel to add these options:

options IPFIREWALL
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT
options DUMMYNET
options HZ=1000
options NMBCLUSTERS=65535
options BRIDGE
options IPFIREWALL_DEFAULT_TO_ACCEPT


I set these options to 1, though not at boot time, does that matter?

net.link.ether.bridge.ipfw: 1
net.link.ether.bridge.enable: 1
net.link.ether.bridge.config: em1,bge0
net.link.ether.bridge_ipfw: 1
net.link.ether.bridge_cfg: em1,bge0
net.link.ether.ipfw: 1
net.inet.ip.fw.enable: 1
net.inet.ip.fw.one_pass: 1
net.inet.ip.fw.debug: 1
net.inet.ip.fw.verbose: 1
net.inet.ip.fw.verbose_limit: 10000


At this point I can ping through the bridge.  I can take the bridge down
and see the pings stop, bring it back up and see them continue, so I know
the packets go through it.

I then do

ipfw add pipe 1 ip from any to any
ipfw pipe config 1 delay 5000ms

The pings do not slow down at all.

Any suggestions for what I'm doing wrong?

Thanks