next.zip and compiled got the kipfw and ipfw
> 3) I connect via linux box , ssh 172.16.0.2
>
> Do anyone advise , how could I enable netmap ipfw to filter traffic from
> Cisco Router ?
>
> Archy Cho
>
>> Jim Thompson mailto:j...@netgate.com>> 於 2015年10月10日
&g
--+
> ++
>
> 1) I have recompiled the kernel with device netmap
> 2) I downloaded the next.zip and compiled got the kipfw and ipfw
> 3) I connect via linux box , ssh 172.16.0.2
>
> Do anyone advise , how could I enable netmap ipfw to filte
the next.zip and compiled got the kipfw and ipfw
3) I connect via linux box , ssh 172.16.0.2
Do anyone advise , how could I enable netmap ipfw to filter traffic from Cisco
Router ?
Archy Cho
> Jim Thompson 於 2015年10月10日 上午1:14 寫道:
>
>
>> On Oct 9, 2015, at 7:14 AM, Archy Ch
for installation or testing.
Thanks for advise.
Archy Cho
> Jim Thompson 於 2015年10月10日 上午1:14 寫道:
>
>
>> On Oct 9, 2015, at 7:14 AM, Archy Cho wrote:
>>
>> I think I must misunderstand something , could anyone send me advise?
>> Or any documents could hel
> On Oct 9, 2015, at 7:14 AM, Archy Cho wrote:
>
> I think I must misunderstand something , could anyone send me advise?
> Or any documents could help to build a NETMAP IPFW firewall box ?
See the last several paragraphs of:
https://github.com/luigirizzo/netmap-ipfw/blob/next/
369224 135934287 allow ip from any to any
###
I have downloaded
https://github.com/luigirizzo/netmap/archive/master.zip
<https://github.com/luigirizzo/netmap/archive/master.zip>
https://github.com/luigirizzo/netmap-ipfw/archive/next.zip
<https://github.com/luigirizzo/netmap-ipfw/
On Fri, Jul 10, 2015 at 5:03 PM, Luigi Rizzo wrote:
>
>
> On Fri, Jul 10, 2015 at 9:58 PM, Eduardo Meyer
> wrote:
>
>> On Fri, Jul 10, 2015 at 4:15 PM, Luigi Rizzo wrote:
>>
>>>
>>>
>>> On Fri, Jul 10, 2015 at 9:14 PM, Eduardo Meyer
>>> wrote:
>>>
On Fri, Jul 10, 2015 at 4:09 PM, Pavel Od
On Fri, Jul 10, 2015 at 9:58 PM, Eduardo Meyer wrote:
> On Fri, Jul 10, 2015 at 4:15 PM, Luigi Rizzo wrote:
>
>>
>>
>> On Fri, Jul 10, 2015 at 9:14 PM, Eduardo Meyer
>> wrote:
>>
>>> On Fri, Jul 10, 2015 at 4:09 PM, Pavel Odintsov <
>>> pavel.odint...@gmail.com>
>>> wrote:
>>>
>>> > Hello!
>>>
On Fri, Jul 10, 2015 at 4:15 PM, Luigi Rizzo wrote:
>
>
> On Fri, Jul 10, 2015 at 9:14 PM, Eduardo Meyer
> wrote:
>
>> On Fri, Jul 10, 2015 at 4:09 PM, Pavel Odintsov > >
>> wrote:
>>
>> > Hello!
>> >
>> > You could enable multiple queues for each NIC and run single instance of
>> > kipfw on eac
On Fri, Jul 10, 2015 at 9:14 PM, Eduardo Meyer wrote:
> On Fri, Jul 10, 2015 at 4:09 PM, Pavel Odintsov
> wrote:
>
> > Hello!
> >
> > You could enable multiple queues for each NIC and run single instance of
> > kipfw on each pair:
> > kipfw netmap:ix0-0 netmap:ix1-0
> > kipfw netmap:ix0-1 netmap
On Fri, Jul 10, 2015 at 4:09 PM, Pavel Odintsov
wrote:
> Hello!
>
> You could enable multiple queues for each NIC and run single instance of
> kipfw on each pair:
> kipfw netmap:ix0-0 netmap:ix1-0
> kipfw netmap:ix0-1 netmap:ix1-1
>
> And so on ;) i have about 12 mpps with this configuration (on
You should run netmap-ipfw with this command (it will run 8 copies of
kipfw):
for i in `seq 0 7`; do IPFW_PORT="555$i" taskset -c $i kipfw
netmap:eth0-$i netmap:eth1-$i & done
When you need add or remove rule you should do it for all 8 copies of kipfw:
for i in `seq 0 7`;do IPFW_POR
Hello!
You could enable multiple queues for each NIC and run single instance of
kipfw on each pair:
kipfw netmap:ix0-0 netmap:ix1-0
kipfw netmap:ix0-1 netmap:ix1-1
And so on ;) i have about 12 mpps with this configuration (on Linux netmap).
On Friday, July 10, 2015, Eduardo Meyer wrote:
> Hell
Hello,
should ./kipfw and another ./kipfw work?
I want to have two filtered kipfw instances sharing the same WAN port.
So far I did a quick test lab and it worked, but since it's a lab
environment I don't know if I should expect other problems when I add it to
run in a real scenario.
What p
On 5/5/15 10:46 PM, Barney Cordoba wrote:
Are you NOT SHARP ENOUGH to understand that my proposal DOESN'T USE
THE NETWORK STACK? OMFG
Barney, your proposal is that we provide a framework to allow network
IP stack bypass in the case of special processing.
that framework still needs to be hooked
Are you NOT SHARP ENOUGH to understand that my proposal DOESN'T USE THE NETWORK
STACK? OMFG
Julien, perhaps if people weren't so hostile towards commercial companies
providing ideas for alternative ways of doing things you'd get more input and
more help. Why would I want to help these people?
BC
> On May 4, 2015, at 10:07 PM, Julian Elischer wrote:
>
> Jim, and Barney. I hate to sound like a broken record, but we really need
> interested people in the network stack.
> The people who make the decisions about this are the people who stand up and
> say "I have a few hours I can spend on
2015-05-04 17:29 skrev Barney Cordoba via freebsd-net:
It's not faster than "wedging" into the if_input()s. It simply can't
be. Your getting packets at interrupt time as soon as their processed
and you there's no network stack involved, and your able to receive
and transmit without a process s
27;t need any of its services.
> >
> > Going to userspace is just a side effect -- turns out to
> > be easier to develop and run your packet processing code
> > in userspace, but there are netmap clients (e.g. the
> > VALE software switch) which run entirely in the kernel.
>
gt; On Sunday, May 3, 2015 3:10 AM, Raimundo Santos
>> wrote:
>>
>>
>> Clarifying things for the sake of documentation:
>>
>> To use the host stack, append a ^ character after the name of the interface
>> you want to use. (Info from netmap(4)
ng things for the sake of documentation:
>
> To use the host stack, append a ^ character after the name of the interface
> you want to use. (Info from netmap(4) shipped with FreeBSD 10.1 RELEASE.)
>
> Examples:
>
> "kipfw em0" does nothing useful.
> "kipfw netmap
ake of documentation:
>>
>> To use the host stack, append a ^ character after the name of the interface
>> you want to use. (Info from netmap(4) shipped with FreeBSD 10.1 RELEASE.)
>>
>> Examples:
>>
>> "kipfw em0" does nothing useful.
>> "
t; you want to use. (Info from netmap(4) shipped with FreeBSD 10.1 RELEASE.)
>
> Examples:
>
> "kipfw em0" does nothing useful.
> "kipfw netmap:em0" disconnects the NIC from the usual data path, i.e.,
> there are no host communications.
> "kipfw netmap:e
> Examples:
>
> "kipfw em0" does nothing useful.
> "kipfw netmap:em0" disconnects the NIC from the usual data path, i.e.,
> there are no host communications.
> "kipfw netmap:em0 netmap:em0^" or "kipfw netmap:em0+" places the
> netmap-ipfw ru
t; "kipfw em0" does nothing useful.
> "kipfw netmap:em0" disconnects the NIC from the usual data path, i.e.,
> there are no host communications.
> "kipfw netmap:em0 netmap:em0^" or "kipfw netmap:em0+" places the
> netmap-ipfw rules between the NI
tmap:em0" disconnects the NIC from the usual data path, i.e.,
there are no host communications.
"kipfw netmap:em0 netmap:em0^" or "kipfw netmap:em0+" places the
netmap-ipfw rules between the NIC and the host stack entry point associated
(the IP addresses configured on it
e NIC from the usual data path, i.e.,
there are no host communications.
"kipfw netmap:em0 netmap:em0^" or "kipfw netmap:em0+" places the
netmap-ipfw rules between the NIC and the host stack entry point associated
(the IP addresses configured on it with ifconfig, ARP and RARP, et
Hello, All (NetMap dev. Team) !
We use netmap-ipfw server for traffic pre-processing before the main
filtering bridge (ordinary dummynet) and met the situation, that
netmap-ipfw dramatically degrades perfomance (point B below) from stable
work (point A below) after some actions with ruleset
Hello, All!
In addition to previous info I can say, that netmap-ipfw takes about
95% in top -PHS, even if firewall is fully open:
60 root 1000 885M 342M CPU00 621:31 92.38% kipfw
when first rule is "allow ip from any to any"
May be it needs more RAM ? current
Hello, All !
We tried to use netmap-ipfw in production (as filtering bridge) for
traffic sanity and bandwidth limitation.
And meet a problem. Will be explaned below.
CPU: i5-4690 CPU @ 3.50GHz
RAM: 8GB x 1800Mhz
NET: Intel DA 520 (2 x 10Gbps)
kipfw starts as:
/usr/local/netmap-ipfw/kipfw
> On 23 Dec 2014, at 21:26, Luigi Rizzo wrote:
>
> Ok please pull the "next" branch from code.google.com/p/netmap-ipfw/
> which has a fix applied (set TCP_NODELAY on the connection).
> With that i can load a table with 64k entries in about 3 seconds.
>
> The &q
Dear Luigi
many thanks, we got new code from netmap codebase and see dramaticaly
improved perfomance !
We have a little question about working of netmap-ipfw.
It's very important for us to switch net.inet.ip.fw.one_pass
variable to 0 value:
net.inet.ip.fw.one_pass=0
How to use this var
Ok please pull the "next" branch from code.google.com/p/netmap-ipfw/
which has a fix applied (set TCP_NODELAY on the connection).
With that i can load a table with 64k entries in about 3 seconds.
The "master" branch also has the same fix, but loading a table
appears to be bu
On Tue, Dec 23, 2014 at 5:04 PM, wrote:
> Dear Luigi
>
> Today I installed the last distribution of FreeBSD-Stable 10.1 and
> took netmap-ipfw from your place by:
>
> git clone https://code.google.com/p/netmap-ipfw/
> (hope the latest version)
>
i am investigating the pr
Julian,
I tested your method, result is negative, I see following:
First Console:
root@testbridge:/usr/local/netmap-ipfw/netmap-ipfw/ipfw # more
tab-cont.txt | ./ipfw /dev/stdin
connected to 127.0.0.1:
^C
Freeze. Have to interrupt by CTRL-C after 30 sec.
Second Console:
root@testbridge
On 12/23/14 11:32 PM, i...@aknet.kg wrote:
Eugene,
sure, first we tried was a method with file.
But after first 2-3 rules (table 10 add xxx.xxx.xxx.xxx) it hangs
and we loose console interaction.
(the last FreeBSD-Stable 10.1)
It needs to open new console and kill a process ./ipfw
/usr/local/
Dear Luigi
Today I installed the last distribution of FreeBSD-Stable 10.1 and
took netmap-ipfw from your place by:
git clone https://code.google.com/p/netmap-ipfw/
(hope the latest version)
netmap compiled into kenel by
devicenetmap
Test computer i7-3770 (3.4Ghz), network card Intel DA
please take the code from code.google.com/p/netmap-ipfw/
The symptoms you describe seem related to a bug that i fixed a couple
of months ago.
cheers
luigi
On Tue, Dec 23, 2014 at 2:02 PM, IT Department, AkNet ISP wrote:
> Hello to All
>
> Can anybody tell, how to fill a table with lar
Eugene,
sure, first we tried was a method with file.
But after first 2-3 rules (table 10 add xxx.xxx.xxx.xxx) it hangs and
we loose console interaction.
(the last FreeBSD-Stable 10.1)
It needs to open new console and kill a process ./ipfw
/usr/local/.../rules.txt
And ./ipfw table 10 list sh
On 23.12.2014 20:02, IT Department, AkNet ISP wrote:
> Hello to All
>
> Can anybody tell, how to fill a table with large number of entries ?
>
> Sure, It can be done by standard method by ./ipfw table 10 add
> xxx.xxx.xxx.xxx in a script, but each entry takes couple of seconds to
> be placed into
Hello to All
Can anybody tell, how to fill a table with large number of entries ?
Sure, It can be done by standard method by ./ipfw table 10 add
xxx.xxx.xxx.xxx in a script, but each entry takes couple of seconds to
be placed into a table:
./ipfw table 10 add 192.168.10.50
connected to 127.0.0.1
Hello,
I try netmap-ipfw and have problem with IPv6 rule
Running on FreeBSD 10.1-RELEASE (compiled from source, kernel with
option NETMAP added)
$ ipfw/ipfw add 00100 allow ipv6 from any to any
connected to 127.0.0.1:
ipfw: getsockopt(IP_FW_ADD): Protocol not supported
and on kipfw output
gt;>> wrote:
>>>
>>>> hello again patrick
>>>>
>>>> On Sun, Nov 9, 2014 at 12:54 AM, Patrick Tracanelli <
>>>> eks...@freebsdbrasil.com.br> wrote:
>>>>
>>>>> > (Machine-A)<-->Machine-B<--->(MachineC)
&
e-A)<-->Machine-B<--->(MachineC)
>>>> >
>>>> > Machine-A:
>>>> > em0 172.16.251.3/24
>>>> >
>>>> > Machine-B:
>>>> > em1: 172.16.251.1/24
>>>> > em2: 172.16.252.1/24
>>>> &
B<--->(MachineC)
>>> >
>>> > Machine-A:
>>> > em0 172.16.251.3/24
>>> >
>>> > Machine-B:
>>> > em1: 172.16.251.1/24
>>> > em2: 172.16.252.1/24
>>> > 10.0-STABLE w/ latest netmap-ipfw and netmap code from goog
, Patrick Tracanelli <
> eks...@freebsdbrasil.com.br> wrote:
>
>> > (Machine-A)<-->Machine-B<--->(MachineC)
>> >
>> > Machine-A:
>> > em0 172.16.251.3/24
>> >
>> > Machine-B:
>> > em1: 172.16.251.1/24
>> > em2
.251.1/24
> > em2: 172.16.252.1/24
> > 10.0-STABLE w/ latest netmap-ipfw and netmap code from google code
> > repository
> >
> > Machine-C:
> > em0 172.16.252.3/24
>
> Now, your scenario is a typical routing topology. kipfw has no packet
> forwarding
below!!
:-D
Enviada do meu iPad
> Em 09/11/2014, às 00:13, Evandro Nunes escreveu:
>
>> On Sat, Nov 8, 2014 at 5:26 AM, Mahnaz Talebi wrote:
>>
>> Hi Evandro.
>> I've tested netmap-ipfw on real NICs.
>> Use "
>>
>> ./kipfw -i netmap:em0 -
On Sat, Nov 8, 2014 at 5:26 AM, Mahnaz Talebi wrote:
> Hi Evandro.
> I've tested netmap-ipfw on real NICs.
> Use "
>
> ./kipfw -i netmap:em0 -i netmap:em1
> " to run netmap-ipfw on em0 and em1. ipfw works as a bridge and copy
> incoming packets to em0 to em1
Hi Evandro.
I've tested netmap-ipfw on real NICs.
Use "
./kipfw -i netmap:em0 -i netmap:em1
" to run netmap-ipfw on em0 and em1. ipfw works as a bridge and copy
incoming packets to em0 to em1 if they pass defined rules (and vice versa,
from em1 to em0).
If you still have problem w
On Fri, Nov 7, 2014 at 4:08 PM, Luigi Rizzo wrote:
>
>
> On Fri, Nov 7, 2014 at 5:02 AM, Evandro Nunes
> wrote:
>
>> On Thu, Nov 6, 2014 at 9:24 PM, Luigi Rizzo wrote:
>>
>>> The code on code.google.com/p/netmap-ipfw/ works well for me
>>> on ph
On Fri, Nov 7, 2014 at 5:02 AM, Evandro Nunes
wrote:
> On Thu, Nov 6, 2014 at 9:24 PM, Luigi Rizzo wrote:
>
>> The code on code.google.com/p/netmap-ipfw/ works well for me
>> on physical interfaces.
>>
>> For using the nics many of your examples show that yo
On Thu, Nov 6, 2014 at 9:24 PM, Luigi Rizzo wrote:
> The code on code.google.com/p/netmap-ipfw/ works well for me
> on physical interfaces.
>
> For using the nics many of your examples show that you are not using the
> various programs correctly. There is clearly a
> mismatch
The code on code.google.com/p/netmap-ipfw/ works well for me
on physical interfaces.
For using the nics many of your examples show that you are not using the
various programs correctly. There is clearly a
mismatch between what this code does and your expectations,
and there isn't much i can
y count and allow rules,
> and yes they are counting packets, when I run kipfw, every packet on em1
> and em2 gets dropped immediately. no matter they are allow rules counting
> packets, packets get dropped and machine-A gets completely isolated from
> machine-C
>
> any further
On Wed, Nov 5, 2014 at 8:44 PM, Patrick Tracanelli <
eks...@freebsdbrasil.com.br> wrote:
> Hey, what you are doing wrong is much more simple than you expect.
>
> > # ./kipfw em1 em2 > & /tmp/kipfw.log &
> > [1] 66583
>
> Just run ./kipfw netmap:em1 netmap:em2 and this will probably work.
>
> Pleas
Hey, what you are doing wrong is much more simple than you expect.
> # ./kipfw em1 em2 > & /tmp/kipfw.log &
> [1] 66583
Just run ./kipfw netmap:em1 netmap:em2 and this will probably work.
Please remember to redirect kipfw output to somewhere you are not reading only
*after* you are sure the out
B em2] <--> [em3 C]
>
1) added a couple count rules to ipfw (kernel):
# ipfw add count all from any to any via em1
00100 count ip from any to any via em1
# ipfw add count all from any to any via em2
00200 count ip from any to any via em2
2) connected kipfw to the NICs
# ./kipfw em1 em2 &g
: pkt-gen -i em1 -f tx ...
>
> machine B kipfw em1 em2
>
> machine C pkt-gen -i em3 -f rx
>
> And the connection between the ports is the following
>
> [A em1] <--> [em1 B em2] <--> [em3 C]
>
> cheers
> luigi
>
ok this scenario will take
On Tue, Nov 04, 2014 at 05:44:43PM -0200, Evandro Nunes wrote:
> On Tue, Nov 4, 2014 at 5:26 PM, Luigi Rizzo wrote:
...
> >> i gues I am missing a piece of the architecture...
> >>
> >
> > ???probably yes :)
> >
> > kipfw em1 em2 connects the two interfaces to each other, keeping the
> > rest ???
8943
metric 0 mtu 1500
ifconfig em1 | grep flags
em1: flags=28943
metric 0 mtu 1500
but still netmap-ipfw is not incrementing counters...
> Michal
>
> ___
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailm
Dne 4.11.2014 20:44, Evandro Nunes napsal(a):
# ifconfig "em2" | grep flags
em2: flags=28d02
metric 0 mtu 1500
Hi,
interface is OACTIVE and down.
Do you try "ifconfig em2 up" ?
Michal
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org
6.250.10
PING 172.16.250.10 (172.16.250.10): 56 data bytes
64 bytes from 172.16.250.3: icmp_seq=0 ttl=64 time=0.296 ms
64 bytes from 172.16.250.3: icmp_seq=1 ttl=64 time=0.141 ms
64 bytes from 172.16.250.3: icmp_seq=2 ttl=64 time=0.144 ms
64 bytes from 172.16.250.3: icmp_seq=3 ttl=64 time=0.176 ms
6
stack completely out of the game.
I am not sure where you are running pkt-gen (is it on a separate
machine ?) and what the 'em1' used in
pkt-gen is connected to.
Also (not in the above case but in general) you might need to
put the interfaces used in kipfw in promisc mode so y
tter than with the standard firewall
> (except for much better behaviour in blocking incoming attacks).
>
> cheers
> luigi
>
>
> On Tue, Nov 4, 2014 at 5:56 AM, Evandro Nunes
> wrote:
>
>> hello,
>> I am trying to do some basic stateless filtering with ne
the user space netmap-ipfw only supports two interfaces,
The hard problem in moving to 3+ interfaces is not much the code but
deciding where to send a packet once it has passed the filter.
Basically, passing things through the kernel stack is simple
but performance is going to be no better than
ning:
# ps wauxw | grep ipfw
root 40820 0.4 0.0 14648 1744 2 R12:32PM 0:04.95
./kipfw em1 em2 lo0
root 40886 0.0 0.0 14708 1552 2 DL+ 12:34PM 0:00.00
grep ipfw
I am using latest netmap and netmap-ipfw source code, not the code from
freebsd base system.
hello,
I am trying to do some basic stateless filtering with netmap-ipfw.
what i have running is:
./kipfw em1 em2 lo0
and when i do ipfw/ipfw show:
ipfw/ipfw show
connected to 127.0.0.1:
nalloc 2248 nbytes 136 ptr 0x0
00100 0 0 allow ip from any to any via lo0
65535 0 0 allow ip from any
On Mon, Oct 13, 2014 at 10:51 PM, Roman Shevchenko via freebsd-net <
freebsd-net@freebsd.org> wrote:
> I have a trouble while compile netmap-ipfw.
> make NETMAP_INC=./sys
> Building userspace ...
> gmake[1]: Entering directory `/root/netmap-ipfw/ipfw'
> (cd ../objs;
I have a trouble while compile netmap-ipfw.
make NETMAP_INC=./sys
Building userspace ...
gmake[1]: Entering directory `/root/netmap-ipfw/ipfw'
(cd ../objs; gmake -f ../Makefile.kipfw include_e)
gmake[2]: Entering directory `/root/netmap-ipfw/objs'
Building /root/netmap-ipfw/objs/../objs
:49 PM, Luigi Rizzo wrote:
>>>
>>>> Should work.
>>>> Please try the latest version from code.google.com/p/netmap-ipfw/
>>>>
>>>> Cheers
>>>> Luigi
>>>>
>>>
>>> OK just cloned.
>>>
>>>
On Tue, Sep 30, 2014 at 4:20 PM, Luigi Rizzo wrote:
>
>
> On Tue, Sep 30, 2014 at 8:57 PM, Eduardo Meyer
> wrote:
>
>>
>>
>> On Tue, Sep 30, 2014 at 1:49 PM, Luigi Rizzo wrote:
>>
>>> Should work.
>>> Please try the latest version fro
On Tue, Sep 30, 2014 at 8:57 PM, Eduardo Meyer wrote:
>
>
> On Tue, Sep 30, 2014 at 1:49 PM, Luigi Rizzo wrote:
>
>> Should work.
>> Please try the latest version from code.google.com/p/netmap-ipfw/
>>
>> Cheers
>> Luigi
>>
>
> OK just c
On Tue, Sep 30, 2014 at 1:49 PM, Luigi Rizzo wrote:
> Should work.
> Please try the latest version from code.google.com/p/netmap-ipfw/
>
> Cheers
> Luigi
>
OK just cloned.
What should tbe topology be like?
igb(4) -> netmap bridge -> vale -> ipfw?
will lagg0 ->
On Tue, Sep 30, 2014 at 8:19 PM, Marcelo Gondim
wrote:
> On 30/09/2014 13:49, Luigi Rizzo wrote:
>
>> Should work.
>> Please try the latest version from code.google.com/p/netmap-ipfw/
>>
>> Cheers
>> Luigi
>>
>
> Hi Luigi,
>
> The netmap-ip
On 30/09/2014 13:49, Luigi Rizzo wrote:
Should work.
Please try the latest version from code.google.com/p/netmap-ipfw/
Cheers
Luigi
Hi Luigi,
The netmap-ipfw be included in the FreeBSD 10.1 final?
Cheers,
Gondim
On Tuesday, September 30, 2014, Eduardo Meyer wrote:
I have a problem
Should work.
Please try the latest version from code.google.com/p/netmap-ipfw/
Cheers
Luigi
On Tuesday, September 30, 2014, Eduardo Meyer wrote:
> I have a problem, where I need to fwd a high rate of pps, and I dont have
> enough CPU. It's around 900Kpps, so I would like to k
35 in
{ via lagg0 or via vlan1010 }
00200 prob 0.50 fwd 10.1.2.2 tcp from any 80,1024-65535 to table(100)
in { via igb6 or via igb7 }
00300 fwd 10.1.2.3 tcp from any 80,1024-65535 to table(100) in { via igb6
or via igb7 }
With those rules, my CPU interrupt rate raises from 30% to 80%.
If netmap
Hi Luigi,
Again, My receiver can not receive packets.
dmesg messages are:
[ 7612.954837] 081.363279 [ 753] generic_netmap_dtor Restored native
NA (null)
[ 7613.054226] 081.462874 [ 753] generic_netmap_dtor Restored native
NA (null)
Please help me to use netmap-ipfw.
Thanks in
.1045724.n5.nabble.com/running-netmap-ipfw-with-real-NICs-tp5906992p5911668.html
Sent from the freebsd-net mailing list archive at Nabble.com.
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send
Sorry for my inaccuracy!
I use "./pkt-gen -i eth0 -f tx" in sender and "
./pkt-gen -i eth0 -f rx" in receiver.
On Wed, May 7, 2014 at 5:00 PM, Mahnaz Talebi wrote:
> I use this scenario for test netmap-based ipfw with real NICs.
>
>
> ===
I use this scenario for test netmap-based ipfw with real NICs.
=
sender (eth0:10.10.1.1)DUT (eth0:10.10.1.2)
(eth1:10.10.2.2)receiver(10.10.2.3:eth0)
./pkt-gen -i eth0 -f rx ->
On Mon, Apr 28, 2014 at 4:30 PM, Raimundo Santos wrote:
> On 28 April 2014 01:58, Mahnaz Talebi wrote:
>
> > I am trying to run netmap-based ipfw with real NICs
>
>
> Hello,
>
> there are some drivers that does not support netmap yet.
>
thanks for the answer but it wasn't that, i spoke to Mahn
On 28 April 2014 01:58, Mahnaz Talebi wrote:
> I am trying to run netmap-based ipfw with real NICs
Hello,
there are some drivers that does not support netmap yet.
Raimundo Santos
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mail
Hi all,
I am trying to run netmap-based ipfw with real NICs, but encounter error in
opening netmap device. (I can run it with vale switch), what is problem??!
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
T
85 matches
Mail list logo
