Date: Sun, 9 Nov 2014 00:54:00 -0200 From: Patrick Tracanelli <eksffa@freebsdbrasil.com.br> To: Evandro Nunes <evandronunes12@gmail.com> Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>, Mahnaz Talebi <mhnz.talebi@gmail.com> Subject: Re: netmap-ipfw on em0 em1 Message-ID: <9C799778-79DC-4D5F-BA5C-EA94A573ED10@freebsdbrasil.com.br> In-Reply-To: <CAG4HiT7qery5wEevFUS2bb=91tyF77ZmTdZL0WUi3APCcCYT4Q@mail.gmail.com> References: <CABfVBTktfLGacJ3PerR%2BgTewbS%2B52Vmno9mcT-XQBNktPFw5%2Bw@mail.gmail.com> <CAG4HiT7qery5wEevFUS2bb=91tyF77ZmTdZL0WUi3APCcCYT4Q@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Dear Evandro Nunes, You are just not reading. Ealy I mentioned the netmap:port syntax because yo= ur previous syntax were turning out on errors opening the port that you just= didnt pay attention on ./kipfw's output. Now you just didnt read what Mahanaz Tabeli wrote ;-) Please fo *read* below= !! :-D Enviada do meu iPad > Em 09/11/2014, =C3=A0s 00:13, Evandro Nunes <evandronunes12@gmail.com> esc= reveu: >=20 >> On Sat, Nov 8, 2014 at 5:26 AM, Mahnaz Talebi <mhnz.talebi@gmail.com> wro= te: >>=20 >> Hi Evandro. >> I've tested netmap-ipfw on real NICs. >> Use " >>=20 >> ./kipfw -i netmap:em0 -i netmap:em1 >> " to run netmap-ipfw on em0 and em1. ipfw works as a bridge and copy >> incoming packets to em0 to em1 if they pass defined rules (and vice versa= , >> from em1 to em0). >> If you still have problem with ipfw-netmap, please send your scenario for= >> testing it. >=20 > dear mahaza, thank you for your suggestion >=20 > still didn't work, in fact the syntax you mentioned returns an error that > later turns out working just like if I had used ./kipfw netmap:em1 > netmap:em2, see the output: Yes you are right and yes so does Mahaza since the wrong syntax just works f= or him.=20 > (Machine-A)<-->Machine-B<--->(MachineC) >=20 > Machine-A: > em0 172.16.251.3/24 >=20 > Machine-B: > em1: 172.16.251.1/24 > em2: 172.16.252.1/24 > 10.0-STABLE w/ latest netmap-ipfw and netmap code from google code > repository >=20 > Machine-C: > em0 172.16.252.3/24 Now, your scenario is a typical routing topology. kipfw has no packet forwar= ding capabilities whats why when you start it, you are out of forwarding cap= abilities and therefore, out of communication between machine A and C becaus= e they just need it in your topology. So for your testing purposes read again what Mahaza said: >> ipfw works as a bridge and copy >> incoming packets to em0 to em1 if they pass defined rules (and vice versa= , >> from em1 to em0). Got it? kipfw will work as a BRIDGE and COPY between the NIC ports. Therefore on your topology do a simple change: Machine-C: ifconfig em0 172.16.251.4/24 So machine C will be in the same network of machine A.=20 WITHOUT kipfw you will be OUT of communication. If you want to have communic= ation without kipfw please configure if_bridge(4) properly. Now WHEN you ./kipfw netmap:em1 netmap:em2 you will BRIDGE em1 and em2 ports= and therefore you will HAVE communication between the NICS. And you are done, just as a miracle! Thanks to Luigi. Now its time to have some fun: ipfw/ipfw add pipe 1 all from 172.16.251.0/24 to 172.16.251.0/24 ipfw/ipfw pipe 1 config bw 128Kbit/s delay 300 and now ping machine-A and machine-C and see dummynet working as expected...= I believe you can keep on with your testings now!!! :-) BTW Luigi, I see netmap was commited to GENERIC on -CURRENT. I believe it ma= y be a good idea to add netmap-ipfw to the base system now, to both promote m= ore testing and also to be a good companion to netmap on GENERIC. I dont mea= n a new ipfw-netmap binary under /sbin/ but just the code on /usr/src/tools/= tools. I've been using netmap-ipfw for a while and sure it lacks more flexbility li= ke the ability to kipfw several ports, etc. But as it is right now, it's ver= y stable and reliable for a preliminary code. Thats why I believe it should b= e on the base system. Thank you very much for the incredible technology.=20
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9C799778-79DC-4D5F-BA5C-EA94A573ED10>