Dummynet,VLAN and CARP broken??

Tyrone at TelecityRedbus.se Tyrone at TelecityRedbus.se
Fri Oct 6 03:37:38 PDT 2006 

I found out that you still need to let carp packets through even though
all you doing is traffic shaping 

So ipfw add 1 allow carp from any to any 

Did the trick for me 

Regards

tyrone


-----Original Message-----
From: owner-freebsd-isp at freebsd.org
[mailto:owner-freebsd-isp at freebsd.org] On Behalf Of
Tyrone at TelecityRedbus.se
Sent: den 6 oktober 2006 11:46
To: freebsd-ipfw at freebsd.org; freebsd-isp at freebsd.org
Subject: Dummynet,VLAN and CARP broken??

Hi

Running FreeBSD6.1-RC
Kernel compiled with the following 

options         IPFIREWALL              #firewall
options         IPFIREWALL_VERBOSE      #enable logging to syslogd(8)
options         IPFIREWALL_FORWARD      #enable transparent proxy
options         IPFIREWALL_VERBOSE_LIMIT=100    #limit verbosity
options         IPFIREWALL_DEFAULT_TO_ACCEPT    #allow everything by
options         IPDIVERT                #divert sockets
options         DUMMYNET
options         BRIDGE
options	      	HZ=1000	
options         FAST_IPSEC
options         TCP_SIGNATURE
device          crypto
device          cryptodev
device		carp

Problem is with the CARP addresses staying in the "master" "master"
position when I have dummynet stripping bandwidth on that vlan. I take
the dummnet config away then the carp interfaces go to "master" and
"backup" as required.

My dummynet configs look like this

ipfw pipe 100 config bw 10500Kbit/s #setup shaping pipes 10Mbit
ipfw queue 1 config pipe 100 weight 100
ipfw queue 2 config pipe 100 weight 100
ipfw add 1000 queue 1 ip from any to any in via vlan148  
ipfw add 1000 queue 2 ip from any to any out via vlan148

I have an open FW so no carp message should be blocked is dummynet
broken?


Regards

Tyrone
This e-mail is intended only for the use of the addressees named above
and may be confidential. 
If you are not an addressee you must not use any information contained
in nor copy it nor inform any person other than the addressees of its
existence or contents. 


_______________________________________________
freebsd-isp at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe at freebsd.org"
This e-mail is intended only for the use of the addressees named above and may be confidential. 
If you are not an addressee you must not use any information contained in nor copy it nor inform any person other than the addressees of its existence or contents.

More information about the freebsd-isp mailing list