Multicast forwarding between 2 interfaces with ipfw+dummynet

S

soulpower

Hi guys,
this is my first post! I'm Roberto from Italy and I need your help for a project.

I got a MacBook Pro with MacOSX 10.5 in which I've installed PC-BSD 7.0.2 virtualized with VMWare Fusion 2.0.1 .

I know that this is the freebsd forum, but I think that this firewall section fits much better with my needs.

I've to setup a packet delayer/bandwidth limiter for evaluating the performances of a protocol which works with multicast traffic for transferring files. I have two programs, a sender and a receiver based over this protocol. Both programs are executed on MacOSX.

I've created with vmware two networks adapters between macosx and pcbsd, that vmare has called vmnet1 and vmnet8 on macosx, and respectively em0 and le0 on pcbsd.
The interfaces vmnet1 and em0 have addresses 192.168.15.1 and 192.168.15.129 .
The interfaces vmnet8 and le0 have addresses 172.16.163.1 and 172.16.163.130 .

The path is: sender (macosx) -> vmnet1 interface (macosx) -> em0 interface (pcbsd) -> packet delayer/bandwidth limiter (pcbsd) -> le0 interface (pcbsd) -> vmnet8 interface (macosx) -> receiver (macosx).
Everything with multicast traffic.

I've added the route to redirect multicast out traffic to vmnet1 on macosx, and to le0 on pcbsd. It works.

Obviously I can't find the ipfw ruleset to setup the packet delayer/bandwidth limiter :x I need the multicast traffic incoming from em0 interface to be forwarded to le0 interface in multicast.

I've recompiled the kernel with the following options:
Code: 
options      IPFIREWALL
options      IPFIREWALL_DEFAULT_TO_ACCEPT
options      IPFIREWALL_VERBOSE
options      IPFIREWALL_FORWARD
options      DUMMYNET
options      HZ=1000

I've putted into rc.conf:
Code: 
multicast_router="YES"
firewall_enable="YES"
firewall_type="/root/fw-rules"
firewall_logging="YES"
firewall_quiet="NO"
firewall_flags=""

And into sysctl.conf:
Code: 
net.inet.ip.forwarding: 1
net.inet.ip.check_interface: 0
net.inet.ip.fw.enable: 1
net.inet.ip.fw.autoinc_step: 100
net.inet.ip.fw.one_pass: 1
net.inet.ip.fw.debug: 1
net.inet.ip.fw.verbose: 1
net.inet.ip.fw.verbose_limit: 0
net.inet.ip.fw.dyn_buckets: 256
net.inet.ip.fw.curr_dyn_buckets: 256
net.inet.ip.fw.dyn_count: 0
net.inet.ip.fw.dyn_max: 4096
net.inet.ip.fw.static_count: 2
net.inet.ip.fw.dyn_ack_lifetime: 300
net.inet.ip.fw.dyn_syn_lifetime: 20
net.inet.ip.fw.dyn_fin_lifetime: 1
net.inet.ip.fw.dyn_rst_lifetime: 1
net.inet.ip.fw.dyn_udp_lifetime: 10
net.inet.ip.fw.dyn_short_lifetime: 5
net.inet.ip.fw.dyn_keepalive: 1

The firewall logs if I give the rule ipfw add log udp from any to me, but no rule for adding pipes works. I tried ipfw add pipe 1 udp from 192.168.15.1 to 224.0.0.1 out and similar, without success.

Can you help me to solve the situation?

Thank you so much!
 
Is the stuff in sysctl.conf copied and pasted literally? If so, it's the wrong syntax. It must be key=value.
 
Whoops... :r
I copied and pasted it from the net.
I correct the mistakes and try again!
Thank you dutchdaemon!!!
 
Still nothing working :(
I've tryed to give the following rules:

Code: 
ipfw pipe 1 config bw 100Mbit/s
ipfw pipe 2 config bw 100Mbit/s
ipfw add 40 pipe 1 ip from 192.168.15.129 to 172.16.163.130
ipfw add 50 pipe 2 ip from 172.16.163.130 to 224.0.0.1

That is: the first rule to create a pipe between the em0 interface and the le0 interface, and the second rule to forward the packets from le0 interface to multicast address.
The strange thing is that if I give "ipfw show" it tells me that for rule #40 no packet matches (both in and out), even if i ping 192.168.15.129 from the macosx machine.
What am i doing wrong?
 
You must log in or register to reply here.
Back
Top