I want to configure Dummynet on a FreeBSD machine. All I want to achieve at
the end of the day is to emulate a virtual link from one IP address to
another, for example, between:
Source IP address: 192.168.1.1
Destination IP address: 192.168.1.2
All the packets sent from the source address to the destination address
should pass through the link emulated by a specified bandwidth and delay
{bandwidth, delay}.
I have read that I should modify the /etc/rc.conf file, but I am not sure
how and whether it is all I should do.
I appreciate your help very much.
Best regards,
Marjan
1)
You'll need a kernel that supports this, so you'll need a config
that at least has
options DUMMYNET
options IPFIREWALL
2)
You'll need to configure 'ipfw' with a custom set of rules. Put this
in a file, say '/etc/rc.marjan'
#! /bin/sh
fw="/sbin/ipfw"
bw="768000bit/s" # bandwidth cap
dlay="10" # delay in ms
$fw -f flush
$fw pipe 1 config bw $bw delay $dlay
$fw add pipe 1 ip from 192.168.1.1 to 192.168.1.2
$fw add allow ip from any to any
3)
add these lines to the end of /etc/rc.conf
firewall_enable="YES"
firewall_script="/etc/rc.marjan"
I just did this the other day. I'll go over it in some detail. Forgive me if
I belabour the obvious, since I'm a newbie. It looks like your 2 IP
addresses are on the same subnet, so you need to create a system that uses
dummynet to do traffic shaping across a bridge. In order to do this, you
need to do the following:
1) Install 2 network interface cards in the FreeBSD box that will do the
dummynet work (Call this the "dummynet box".) If you want to be able to
manage this system using telnet or similar, you should only add an IP
address to ONE of these cards.
Note: I found that this configuration was sensitive to the NIC that was
used. I tried this with a 3Com 3C509 combo card and it wouldn't work even
though the card worked OK and showed up in ifconfig as working in
promiscuous mode. When I gave the system a 3Com 3C905 (xl0) and a D-Link 540
(dc0), it started to work just fine and that's the way I kept it.
2) Physically segment your network into two segments where the two IP
addresses you want to control traffic between are on different segments.
Connect each of these segments to one of the Ethernet adapters in the
dummynet box. This forces all traffic between the two IP addresses to go
through the dummynet box.
The way that I did this was to plug my test "client" system into the first
interface on my dummynet box using a crossover cable and the other dummynet
box interface connected to my LAN. That way, I could emulate any kind of
connection I wanted between my client system and my LAN.
3) Install FreeBSD as normal. Use the "developer" option to include all
source files and compiler tools. You don't need X to make a dummynet box so
you can leave X out.
4) Recompile your kernel with the following options added to the kernel config
file. Note that some of these come from 17.3.3 and 10.7.3 in the handbook.
options BRIDGE
options IPFIREWALL
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=1000
options IPFIREWALL_DEFAULT_TO_ACCEPT
options DUMMYNET
options NMBCLUSTERS=8192
5) You can now set up your system with everything running. You will need to
edit some of the configuration files.
6) Your rc.conf should look something like this:
kern_securelevel_enable="NO"
nfs_reserved_port_only="YES"
saver="blank"
sendmail_enable="NO"
sshd_enable="NO"
# Note: The following lines set up an IP address on one of the interfaces
# (xl0) for management.
# The address, mask, hostname and defaultrouter will depend on your network.
ifconfig_xl0="inet 192.168.123.212 netmask 255.255.255.0"
defaultrouter="192.168.1.1"
hostname="something.whatever"
# The following line makes inetd run. The ONLY reason for this in my case is
# to run telnetd, so I can manage this system remotely.
# Therefore, this is strictly not needed.
inetd_enable="YES"
# The following line makes the second interface (dc0) come up, even though
# it has no IP address.
ifconfig_dc0="up"
# The following line makes the ipfw firewall run.
firewall_enable="YES"
# The following line tells the firewall where to get its configuration
# files.
firewall_type="/etc/ipfw.conf"
7) Your sysctl.conf should look something like this. Note that the line
"net.link.ether.bridge_cfg=" depends on the names of the ethernet
interfaces. (In this case, they are "xl0" and "dc0".)
net.link.ether.bridge=1
net.link.ether.bridge_cfg=xl0:1,dc0:1
net.inet.ip.fw.enable=1
net.link.ether.bridge_ipfw=1
8) In the case of the system I built, inetd only has a single line that is
not commented out. The only reason for this is to run telnetd, as described
above.
telnet stream tcp nowait root /usr/libexec/telnetd telnetd
9) Finally, ipfw.conf looks like this:
add pipe 10 all from any to any in
pipe 10 config bw 10Mbits/s
10) In order to change the configuration of the bridge to something
different, you can run scripts like the following. I call this script
"like.badmodem" since it simulates a poor modem connection with 35 kbps
bandwidth, a 100ms delay each way and 5% packet loss.
#!/bin/sh
# This should look like a poor modem connection with some packet loss.
# Packet loss is at 5% and delays are at 100ms. Bandwidth is 35Kbit/s.
ipfw -f flush
ipfw add pipe 10 all from any to any in
ipfw pipe 10 config bw 35Kbit/s delay 100ms plr .05
11) To use the system, just connect it as described and configure the "pipe"
as you like.
JS
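
Added example, not part of any post in this thread: an sh function that validates the link parameters before they reach ipfw and prints the commands from the first reply, with the packet loss setting from the second. Going beyond the thread, it can also give the return direction its own pipe. The function names, the oneway/both mode and the accepted bandwidth spellings are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: print the ipfw/dummynet commands for one emulated link.
# Nothing is executed; review the output, then pipe it to sh as root.

# matches VALUE ERE: true only if the whole single-line VALUE matches ERE.
matches() {
    [ $(printf '%s' "$1" | wc -l) -eq 0 ] &&
        printf '%s\n' "$1" | grep -Eq "^($2)\$"
}

# is_ipv4 ADDR: dotted quad with every octet in 0..255.
is_ipv4() {
    matches "$1" '([0-9]{1,3}\.){3}[0-9]{1,3}' || return 1
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    for octet in "$@"; do [ "$octet" -le 255 ] || return 1; done
}

# link_rules SRC DST BW DELAY_MS [PLR] [MODE]   (MODE: oneway | both)
link_rules() {
    src=$1 dst=$2 bw=$3 delay=$4 plr=${5:-0} mode=${6:-oneway}
    is_ipv4 "$src" && is_ipv4 "$dst" || { echo "bad address" >&2; return 1; }
    matches "$bw" '[0-9]+[KkMm]?bits?/s' || { echo "bad bandwidth" >&2; return 1; }
    matches "$delay" '[0-9]{1,5}' || { echo "bad delay" >&2; return 1; }
    matches "$plr" '0|1|0?\.[0-9]+' || { echo "bad loss rate" >&2; return 1; }
    matches "$mode" 'oneway|both' || { echo "bad mode" >&2; return 1; }

    cfg="bw $bw delay ${delay}ms"
    [ "$plr" = 0 ] || cfg="$cfg plr $plr"

    echo "ipfw -f flush"
    echo "ipfw pipe 1 config $cfg"
    echo "ipfw add pipe 1 ip from $src to $dst"
    if [ "$mode" = both ]; then
        # A second pipe gives the return path its own bandwidth and delay;
        # sending both directions through pipe 1 would make them share it.
        echo "ipfw pipe 2 config $cfg"
        echo "ipfw add pipe 2 ip from $dst to $src"
    fi
    echo "ipfw add allow ip from any to any"
}

# Constructed sample call using the addresses from the question.
link_rules 192.168.1.1 192.168.1.2 768000bit/s 10
```

Because the script named in firewall_script runs as root at boot, rejecting anything that is not a plain address, rate or number keeps a mistyped or untrusted value from becoming part of a shell command.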