Dummynet in monolithic kernel broken on stable/12-n233319-c419c8231fb arm64

Reply: Michael Sierchio : "Re: Dummynet in monolithic kernel broken on stable/12-n233319-c419c8231fb arm64"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Michael Sierchio <kudzu_at_tenebras.com>
Date: Fri, 25 Jun 2021 00:55:17 UTC

For numerous reasons, I've been building security appliances with a
monolithic kernel for a long time.  A recent git pull on the stable/12
branch from github has borked dummynet.

*root@graviton-1:/etc/ipfw 242#* ipfw pipe 1 config gred 0.01/12/36/0.75
noerror

ipfw: net.inet.ip.dummynet.red_lookup_depth must be greater than zero

*root@graviton-1:/etc/ipfw 243#* sysctl
net.inet.ip.dummynet.red_lookup_depth=256

sysctl: oid 'net.inet.ip.dummynet.red_lookup_depth' is read only


Interesting, but inconvenient.  Just happened upon reboot.  Attempting to
set in /boot/loader.conf doesn't work.  Any advice?


Many (if not all) of the dummynet sysctls are borked


*root@graviton-1:~ 201#* sysctl net.inet.ip.dummynet.red_max_pkt_size=1500

sysctl: oid 'net.inet.ip.dummynet.red_max_pkt_size' is read only



*michael.sierchio@graviton-1:~ 201>* sysctl net.inet.ip.dummynet

net.inet.ip.dummynet.io_pkt_drop: 0

net.inet.ip.dummynet.io_pkt_fast: 0

net.inet.ip.dummynet.io_pkt: 0

net.inet.ip.dummynet.queue_count: 0

net.inet.ip.dummynet.fsk_count: 0

net.inet.ip.dummynet.si_count: 0

net.inet.ip.dummynet.schk_count: 0

net.inet.ip.dummynet.expire_cycle: 0

net.inet.ip.dummynet.expire: 0

net.inet.ip.dummynet.tick_lost: 0

net.inet.ip.dummynet.tick_diff: 0

net.inet.ip.dummynet.tick_adjustment: 0

net.inet.ip.dummynet.tick_delta_sum: 0

net.inet.ip.dummynet.tick_delta: 0

net.inet.ip.dummynet.red_max_pkt_size: 0

net.inet.ip.dummynet.red_avg_pkt_size: 0

net.inet.ip.dummynet.red_lookup_depth: 0

net.inet.ip.dummynet.debug: 0

net.inet.ip.dummynet.io_fast: 0

net.inet.ip.dummynet.pipe_byte_limit: 1048576

net.inet.ip.dummynet.pipe_slot_limit: 100

net.inet.ip.dummynet.hash_size: 64

net.inet.ip.dummynet.fqpie.limit: 10240

net.inet.ip.dummynet.fqpie.flows: 1024

net.inet.ip.dummynet.fqpie.quantum: 1514

net.inet.ip.dummynet.fqpie.beta: 1250

net.inet.ip.dummynet.fqpie.alpha: 125

net.inet.ip.dummynet.fqpie.max_ecnth: 99

net.inet.ip.dummynet.fqpie.max_burst: 150000

net.inet.ip.dummynet.fqpie.tupdate: 15000

net.inet.ip.dummynet.fqpie.target: 15000

net.inet.ip.dummynet.fqcodel.limit: 10240

net.inet.ip.dummynet.fqcodel.flows: 1024

net.inet.ip.dummynet.fqcodel.quantum: 1514

net.inet.ip.dummynet.fqcodel.interval: 100000

net.inet.ip.dummynet.fqcodel.target: 5000

net.inet.ip.dummynet.pie.beta: 1250

net.inet.ip.dummynet.pie.alpha: 125

net.inet.ip.dummynet.pie.max_ecnth: 99

net.inet.ip.dummynet.pie.max_burst: 150000

net.inet.ip.dummynet.pie.tupdate: 15000

net.inet.ip.dummynet.pie.target: 15000

net.inet.ip.dummynet.codel.interval: 100000

net.inet.ip.dummynet.codel.target: 5000
-- 

"Well," Brahmā said, "even after ten thousand explanations, a fool is no
wiser, but an intelligent person requires only two thousand five hundred."

- The Mahābhārata