Dummynet pipe causing system to lock up

Spadge spadge at fromley.net
Thu Dec 14 04:53:16 PST 2006 

Hi all

I'm completely baffled by how to work this problem out that I am having 
with ipfw/dummynet.

I have created some ipfw rules to use a pipe which dummynet then shapes. 
The problem I appear to be having is that whenever a packet is sent to 
the pipe, the entire system locks up and I have to reboot the machine 
using the power switch. Which is completely sub-optimal, I know.

I have looked through dummynet manpages, been to the dummynet website ( 
http://info.iet.unipi.it/~luigi/ip_dummynet/ ), tried google; none of it 
successfully, other than I found someone who appeared to have had a 
similar problem a year or so ago, but it looks like his problem either 
just went away on its own or was never resolved, but no mention of which.

** Background Information **

OS information:

spadge at tobermory$ uname -a
FreeBSD tobermory.home 6.1-RELEASE-p11 FreeBSD 6.1-RELEASE-p11 #14: Mon 
Dec 11 15:08:53 GMT 2006 
root at tobermory.home:/usr/obj/usr/src/sys/TOBERMORY  i386

The kernconf has the following bits for the ipfw/dummynet stuff:

# For ipfw/natd

options         IPFIREWALL
options         IPDIVERT
options         IPFIREWALL_DEFAULT_TO_ACCEPT
options         IPFIREWALL_VERBOSE

# For DUMMYNET packet shaping
options         DUMMYNET
options         HZ=1000

And the following rules are what cause the problem I'm having:

/sbin/ipfw add pipe 101 ip from any to any uid 1101 via $WAN in
/sbin/ipfw add pipe 102 ip from any to any uid 1101 via $WAN out
/sbin/ipfw pipe 101 config bw 4096kbit/s delay 200ms
/sbin/ipfw pipe 102 config bw 512kbit/s delay 200ms

$WAN is a variable set earlier in the /etc/rc.firewall rules:

WAN="xl0"
LAN="nge0"

The machine is my internet gateway, running my natd, dhcpd, httpd, 
imapd, smtpd, ircd etc.

What I am trying to achieve with this dummynet exercise is to put a 
delay onto everything that UID 1101 (which only runs mldonkey 
(multi-network p2p client)) sends/receives so that the rest of my LAN 
can do what it wants online (like playing online games and browsing the 
interwebs) and have mldonkey step aside gracefully when someone else 
wants the bandwidth. I got the idea from the mldonkey wiki page covering 
how to do this in linux - nice of them to spare us FreeBSD users an 
afterthought and a couple of lines at the end of the lengthy linux 
how-to, eh.

link: http://mldonkey.sourceforge.net/TrafficShaping

Am I missing something *completely* obvious here? What am I doing wrong? 
How can I find out more about how to do this right?

The system runs fine right up until the user in the rules starts 
sending/receiving stuff, then it's goodbye system - and suddenly enough 
that I can't find a single error or panic entry in any logs covering it.

Any hints or help would be great.

Thanks.

-- 
Spadge
"Intoccabile"
www.fromley.com

More information about the freebsd-net mailing list