Robert Watson wrote:
On Sat, 17 Oct 2009, rihad wrote:
P.S.: BTW, there's a small admin-type inconsistency in FreeBSD 7.1:
/etc/rc.firewall gets executed before values set by /etc/sysctl.conf
are in effect, so "queue 2000" isn't allowed in ipfw pipe rules (as
net.inet.ip.dummynet.pipe_slot_limit is only 100 by default), so the
rules are silently failing without any trace in the log files - I only
saw the errors at the console.
This is awkward to fix for sysctls, because the firewall module may not
be loaded until the firewall stage of the boot process, so the sysctl
wouldn't take effect (and perhaps this is what you're seeing, in fact?).
Well, my kernel is built with IPFIREWALL enabled, so ipfw module is
unneeded and doesn't get loaded automatically. I rather still think it's
the order of execution that matters.
For that matter I've worked around the problem for now by setting the
sysctls explicitly in /etc/rc.firewall right before configuring the pipes:
/sbin/sysctl net.inet.ip.dummynet.hash_size=512
/sbin/sysctl net.inet.ip.dummynet.pipe_slot_limit=2000
and commented them out in /etc/sysctl.conf with an XXX
Now I see that this is also the reason why setting
net.inet.ip.dummynet.hash_size in sysctl.conf had no effect on the hash
table size at the time of creation of the pipes.
Some sysctls have associated loader tunables, which you can set in
/boot/loader.conf (and affect configuration when the module is loaded),
but it looks like that isn't true for net.inet.ip.dummynet.pipe_slot_limit.
Robert N M Watson
Computer Laboratory
University of Cambridge
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
