From owner-freebsd-questions@FreeBSD.ORG Mon Oct 18 03:48:03 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4056016A4CE for ; Mon, 18 Oct 2004 03:48:03 +0000 (GMT) Received: from mail.wirewalk.com (dsl254-116-226.nyc1.dsl.speakeasy.net [216.254.116.226]) by mx1.FreeBSD.org (Postfix) with ESMTP id D14B843D31 for ; Mon, 18 Oct 2004 03:48:02 +0000 (GMT) (envelope-from synrat@wirewalk.org) Received: from [192.168.1.3] (unknown [192.168.1.3]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wirewalk.com (Postfix) with ESMTP id 3E6F8CEC86 for ; Sun, 17 Oct 2004 23:52:57 -0400 (EDT) Message-ID: <41733D41.6@wirewalk.org> Date: Sun, 17 Oct 2004 23:49:21 -0400 From: synrat User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20040916 X-Accept-Language: en-us, en, ru MIME-Version: 1.0 To: freebsd-questions@freebsd.org References: <416B29BC.6080108@wirewalk.org> <4172D346.4070601@mykitchentable.net> In-Reply-To: <4172D346.4070601@mykitchentable.net> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: dummynet X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 Oct 2004 03:48:03 -0000 yeah it kinda seems broken. i can see the pipes being hit by traffic, but no bandwidth limitation is done whatsoever. I tried specifying dedicated port based pipes, that didn't work, I tried using queues for port specification while specifying pipes with the the same port numbers, that didn't work. I tried connecting pipes to the queues, no result as well. for example, to limit outgoing ftp, I tried this, ${fwcmd} add pipe 6 tcp from ${oip} 21 to any out xmit ${oif} ${fwcmd} pipe 6 config bw $2Kbit/s no effect. ${fwcmd} add pipe 6 tcp from ${oip} 21 to any out xmit ${oif} ${fwcmd} pipe 6 config bw $2Kbit/s ${fwcmd} add queue 6 tcp from ${oip} 21 to any out no effect. ${fwcmd} add pipe 6 tcp from ${oip} 21 to any out xmit ${oif} ${fwcmd} pipe 6 config bw $2Kbit/s ${fwcmd} add queue 6 tcp from ${oip} 21 to any out ${fwcmd} queue 6 config pipe 6 setsockopt error. I guess it craps out when trying to bind queue to the pipe. Why ?? who knows.... I really can't make much sense from what I've read about dummynet in ipfw and dummynet man pages, if anyone knows of a good manual, please let me know. Drew Tomlinson wrote: > On 10/11/2004 5:47 PM synrat wrote: > >> Can someone tell me about a good way to troubleshoot pipes/queues or >> point me in the rigtt direction. I'm trying to restrict outgoing ftp >> traffic and create some pipes for VOIP. dummynet and pipe rules load >> fine ( and are in the kernel ) but seem to have no effect. I did read >> the manual pages 20 times over. I tried adding pipes before doing >> "config bw" on them, but that didn't make any difference. >> thanx a lot in advance. > > > I have tried using DUMMYNET also and don't see any effect. If you find > an answer, please let me know. It's my goal to give highest priority to > ssh connection, next highest priority to the traffic originating on > machine "bigdaddy" port 8080, and then all remaining traffic gets passed > when there's nothing else going on. I have DSL with a 128K uplink. > Here is my rule set in case someone can find my error: > > # Flush before we define > $fwcmd -f queue flush > $fwcmd -f pipe flush > > $fwcmd pipe 1 config queue 128Kbyte > $fwcmd queue 1 config pipe 1 weight 85 queue 8Kbyte > $fwcmd queue 2 config pipe 1 weight 1 queue 112Kbyte > $fwcmd queue 3 config pipe 1 weight 100 queue 8Kbyte > > $fwcmd add queue 1 ip from bigdaddy 8080 to any out via $oif > $fwcmd add queue 3 ip from any 22 to any out via $oif > $fwcmd add queue 2 ip from not bigdaddy not 8080 to any out via $oif > $fwcmd add queue 2 ip from bigdaddy not 8080 to any out via $oif > > And I have these options compiled into my kernel: > > options IPFIREWALL > options DUMMYNET > options HZ=1000 > > Thanks, > > Drew >