Skip to content

Using FreeBSD as a network bridge and use dummynet to shape the traffic

Here’s a quick note/tutorial about how to setup FreeBSD 7.0 as a network bridge and use dummynet to shape the traffic, There is a pretty good tutorial on the net but I found it’s rather outdated. So here is mine.

First of all we’ll need to setup FreeBSD as a network bridge.

ifconfig bridge create

This should return “bridge0″ if this is the first bridge you created.

And we’ll add the two interface used on the bridge. It’s “rl0″ and “vr0″ in my case:

ifconfig bridge0 addm rl0 addm vr0 up

Now bring the bridge up. Note the two interface need to be up too.

ifconfig rl0 up
ifconfig vr0 up
ifconfig bridge0 up

If you want an IP address of the box, assign it to the bridge

ifconfig bridge0 inet 192.168.2.9 netmask 255.255.255.0

Now the bridge should work. To make dummynet work, we’ll need to recompile the kernel:
add

options IPFIREWALL
options IPFIREWALL_DEFAULT_TO_ACCEPT
options DUMMYNET
options HZ=1000

to the kernel config file and rebuild it. Then add

firewall_enable="YES"
firewall_type="open"

to /etc/rc.conf.

Make sure you have filewall_type=”open” in /etc/rc.conf and/or options IPFIREWALL_DEFAULT_TO_ACCEPT in your kernel config file before you do the reboot if you are doing this remotely. Or you’ll block yourself out.

Now enable ifpw on the bridge

sysctl net.link.bridge.ipfw=1

OK, we can now add a pipe:

ipfw 1000 add pipe 1 ip from any to any bridged

Note the “1000″ in the command line. Do a

ifpw list

first and choose a good place for the pipe.

Now it’s time to shape the traffic. To add some delay:

ipfw pipe 1 config delay 5ms

or add some package lost:

ipfw pipe 1 config plr 0.1

Reference:

A nice tutorial

The FreeBSD hand book about bridging

The FreeBSD hand book about IPFW

dummynet(4)

ipfw(8)

Share This

Tags: , , ,

Comments 10

  1. Jaime wrote:

    Great little post Dryice.
    Thanks a lot!

    Posted 06 Mar 2009 at 9:08 pm
  2. ken wrote:

    Wow.. if only i found this earlier.. took me the whole day to figure this out and then i saw your page..

    Posted 24 Apr 2009 at 9:25 am
  3. Jose A. Lpz wrote:

    It was a great help, it took me almost a week to find the solution, always thank’s to you.

    Posted 02 Jul 2009 at 7:50 am
  4. hanjinhai wrote:

    thanks ! do you have QQ or Msn I sew your page but I have some problom . Can I ask you ? I am a chinese

    Posted 06 Nov 2009 at 12:33 pm
  5. hanjinhai wrote:

    my QQ: 475332295
    Msn: sooetechnic@hotmail.com

    Posted 06 Nov 2009 at 12:47 pm
  6. david wrote:

    Nice tutorial. But I am having trouble with getting the bridge to work correctly. It passes arp requests across the bridge but not the arp responses. Tried it with both frenzy 1.1 and 1.3. Anyone seen anything like this before? Thx.

    Posted 27 Nov 2010 at 12:32 am
  7. nike air max wrote:

    Thanks for the nice blog. It was very useful for me. Keep sharing such ideas in the future as well.

    Posted 21 Dec 2010 at 9:39 am
  8. Anna wrote:

    I recommend is to have several good watch …..
    They not only work fine and affordable …..
    Breguet Watches
    Replica Breitling Watches

    Posted 03 May 2011 at 2:10 pm
  9. prenatal massage wrote:

    your guide on how to setup FreeBSD 7.0 as a network bridge is very details…

    Posted 23 Jun 2011 at 10:03 pm
  10. how to make a woman fall in love wrote:

    Appreciate for the tutorial

    Posted 24 Jun 2011 at 11:42 pm

Post a Comment

You could use <code type="name"> to get your code colorized

Your email is never published nor shared. Required fields are marked *

Close
E-mail It