From owner-freebsd-questions@FreeBSD.ORG Sat Jan 27 17:51:24 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 6436A16A401 for ; Sat, 27 Jan 2007 17:51:24 +0000 (UTC) (envelope-from aronesimi@yahoo.com) Received: from web58615.mail.re3.yahoo.com (web58615.mail.re3.yahoo.com [68.142.236.213]) by mx1.freebsd.org (Postfix) with SMTP id 2A32813C4AE for ; Sat, 27 Jan 2007 17:51:23 +0000 (UTC) (envelope-from aronesimi@yahoo.com) Received: (qmail 14964 invoked by uid 60001); 27 Jan 2007 17:24:42 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Received:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; b=PBI8jYtrzFH7bxzDwI8t6ufBioy4WFJ+kY12OdIGKDcd5E5FZMePr7oQeY37cwyE+0WY8NTCvK7dXiAk+J7fmOWHlwT2zIRLtRFoM/1r02wJI4CIKsqAHEffEmD3N8jsUNGj0ecRPEyI9oxhs2HQk/poOp93ZItxdnno2sNKxPU=; Received: from [75.72.230.91] by web58615.mail.re3.yahoo.com via HTTP; Sat, 27 Jan 2007 09:24:42 PST Date: Sat, 27 Jan 2007 09:24:42 -0800 (PST) From: Arone Silimantia To: freebsd-questions@freebsd.org MIME-Version: 1.0 Message-ID: <636827.12689.qm@web58615.mail.re3.yahoo.com> X-Mailman-Approved-At: Sat, 27 Jan 2007 19:12:37 +0000 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: ipfw pipe show output - clarification needed please X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 27 Jan 2007 17:51:24 -0000 I set up a dummynet pipe with this sequence of commands: sysctl -w net.inet.ip.fw.one_pass=0 ipfw pipe 1 config bw 16Mbit/s ipfw add 10000 pipe 1 all from any to any So far so good. Works great. However, when I look at the pipe itself, with this command: ipfw pipe show 1 I see this: # ipfw pipe show 1 00001: 16.000 Mbit/s 0 ms 50 sl. 1 queues (1 buckets) droptail mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp 0 tcp 1.2.3.4/22 1.2.3.4/4333 2970975653 2649647615805 2 2992 10414733 I would like to clarify a few things... First, the ipfw pipe creation command I ran is not (as far as I can tell) TCP specific, and further, my ipfw rule says "any to any" - but when I look at the pipe, it has a protocol specified (TCP) and further, has a port number (22). I want to throttle ALL IP traffic, not just TCP, and certainly not just port 22. What am I doing wrong ? Second, there are seven headings (from BKT at the left to Drp on the right) but underneath those seven headings are _9_ values. What I really want to know is how many packets I am droppinig ... but I can't tell which of the fields are the "dropped" - I assume it is the final number .. if so, what is that measured in ? Packets ? Finally, why am I dropping any packets ? My total traffic is 5-7 Mbits/s on average ... I don't see why I would be dropping any packets at all ... are they being dropped because the system can't keep up, or are they being dropped because I am hitting the throttle limit and it drops everything above that ? Many thanks. --------------------------------- Now that's room service! Choose from over 150,000 hotels in 45,000 destinations on Yahoo! Travel to find your fit. --------------------------------- Sucker-punch spam with award-winning protection. Try the free Yahoo! Mail Beta.