Dear Evandro Nunes, You are just not reading. Ealy I mentioned the netmap:port syntax because your previous syntax were turning out on errors opening the port that you just didnt pay attention on ./kipfw's output.
Now you just didnt read what Mahanaz Tabeli wrote ;-) Please fo *read* below!! :-D Enviada do meu iPad > Em 09/11/2014, às 00:13, Evandro Nunes <evandronune...@gmail.com> escreveu: > >> On Sat, Nov 8, 2014 at 5:26 AM, Mahnaz Talebi <mhnz.tal...@gmail.com> wrote: >> >> Hi Evandro. >> I've tested netmap-ipfw on real NICs. >> Use " >> >> ./kipfw -i netmap:em0 -i netmap:em1 >> " to run netmap-ipfw on em0 and em1. ipfw works as a bridge and copy >> incoming packets to em0 to em1 if they pass defined rules (and vice versa, >> from em1 to em0). >> If you still have problem with ipfw-netmap, please send your scenario for >> testing it. > > dear mahaza, thank you for your suggestion > > still didn't work, in fact the syntax you mentioned returns an error that > later turns out working just like if I had used ./kipfw netmap:em1 > netmap:em2, see the output: Yes you are right and yes so does Mahaza since the wrong syntax just works for him. > (Machine-A)<-->Machine-B<--->(MachineC) > > Machine-A: > em0 172.16.251.3/24 > > Machine-B: > em1: 172.16.251.1/24 > em2: 172.16.252.1/24 > 10.0-STABLE w/ latest netmap-ipfw and netmap code from google code > repository > > Machine-C: > em0 172.16.252.3/24 Now, your scenario is a typical routing topology. kipfw has no packet forwarding capabilities whats why when you start it, you are out of forwarding capabilities and therefore, out of communication between machine A and C because they just need it in your topology. So for your testing purposes read again what Mahaza said: >> ipfw works as a bridge and copy >> incoming packets to em0 to em1 if they pass defined rules (and vice versa, >> from em1 to em0). Got it? kipfw will work as a BRIDGE and COPY between the NIC ports. Therefore on your topology do a simple change: Machine-C: ifconfig em0 172.16.251.4/24 So machine C will be in the same network of machine A. WITHOUT kipfw you will be OUT of communication. If you want to have communication without kipfw please configure if_bridge(4) properly. Now WHEN you ./kipfw netmap:em1 netmap:em2 you will BRIDGE em1 and em2 ports and therefore you will HAVE communication between the NICS. And you are done, just as a miracle! Thanks to Luigi. Now its time to have some fun: ipfw/ipfw add pipe 1 all from 172.16.251.0/24 to 172.16.251.0/24 ipfw/ipfw pipe 1 config bw 128Kbit/s delay 300 and now ping machine-A and machine-C and see dummynet working as expected... I believe you can keep on with your testings now!!! :-) BTW Luigi, I see netmap was commited to GENERIC on -CURRENT. I believe it may be a good idea to add netmap-ipfw to the base system now, to both promote more testing and also to be a good companion to netmap on GENERIC. I dont mean a new ipfw-netmap binary under /sbin/ but just the code on /usr/src/tools/tools. I've been using netmap-ipfw for a while and sure it lacks more flexbility like the ability to kipfw several ports, etc. But as it is right now, it's very stable and reliable for a preliminary code. Thats why I believe it should be on the base system. Thank you very much for the incredible technology. _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
