From owner-freebsd-questions@FreeBSD.ORG Mon Oct 18 04:05:43 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DAF1916A4CF for ; Mon, 18 Oct 2004 04:05:42 +0000 (GMT) Received: from FoxSurfer.Com (dns1.foxsurfer.com [69.90.8.196]) by mx1.FreeBSD.org (Postfix) with ESMTP id 633EA43D1F for ; Mon, 18 Oct 2004 04:05:42 +0000 (GMT) (envelope-from daemon@foxchat.net) Received: from [24.172.9.74] (rrcs-24-172-9-74.midsouth.biz.rr.com [24.172.9.74]) by FoxSurfer.Com (8.12.11/8.12.11) with ESMTP id i9I45ZRg097184 (version=TLSv1/SSLv3 cipher=DHE-DSS-AES256-SHA bits=256 verify=NO); Mon, 18 Oct 2004 00:05:36 -0400 (EDT) (envelope-from daemon@foxchat.net) From: NetAdmin To: synrat In-Reply-To: <41733D41.6@wirewalk.org> References: <416B29BC.6080108@wirewalk.org> <4172D346.4070601@mykitchentable.net> <41733D41.6@wirewalk.org> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-WCAQj2XZV7R27Ja6vnpE" Message-Id: <1098072338.30097.19.camel@foxdaemon.com> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.6 Date: Mon, 18 Oct 2004 00:05:38 -0400 X-Content-Filtered-By: Mailman/MimeDel 2.1.1 cc: freebsd-questions@freebsd.org Subject: Re: dummynet X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 Oct 2004 04:05:43 -0000 --=-WCAQj2XZV7R27Ja6vnpE Content-Type: text/plain Content-Transfer-Encoding: quoted-printable try this, it works for me. ${fwcmd} add pipe 1 { tcp or udp } from ${oip} to any 21 ${fwcmd} pipe 1 config mask src-ip 0x000000ff bw 128Kbit/s queue 20Kbytes You can set the 128Kbit/s to anything but I'm not sure I'd use 2Kbit/s. You may need to play with the 0x000000ff. Just install whatmask from /usr/ports/net-mgmt/whatmask Regards On Sun, 2004-10-17 at 23:49, synrat wrote: > yeah it kinda seems broken. i can see the pipes being > hit by traffic, but no bandwidth limitation is done whatsoever. > I tried specifying dedicated port based pipes, that didn't work, > I tried using queues for port specification while specifying pipes > with the the same port numbers, that didn't work. I tried connecting > pipes to the queues, no result as well. >=20 > for example, to limit outgoing ftp, I tried this, >=20 > ${fwcmd} add pipe 6 tcp from ${oip} 21 to any out xmit ${oif} > ${fwcmd} pipe 6 config bw $2Kbit/s >=20 > no effect. >=20 > ${fwcmd} add pipe 6 tcp from ${oip} 21 to any out xmit ${oif} > ${fwcmd} pipe 6 config bw $2Kbit/s > ${fwcmd} add queue 6 tcp from ${oip} 21 to any out >=20 > no effect. >=20 > ${fwcmd} add pipe 6 tcp from ${oip} 21 to any out xmit ${oif} > ${fwcmd} pipe 6 config bw $2Kbit/s > ${fwcmd} add queue 6 tcp from ${oip} 21 to any out > ${fwcmd} queue 6 config pipe 6 > =09 > =09 > setsockopt error. >=20 > I guess it craps out when trying to bind queue to the pipe. Why ?? who=20 > knows.... I really can't make much sense from what I've read about=20 > dummynet in ipfw and dummynet man pages, if anyone knows of a good=20 > manual, please let me know. >=20 >=20 >=20 >=20 >=20 >=20 >=20 > Drew Tomlinson wrote: > > On 10/11/2004 5:47 PM synrat wrote: > >=20 > >> Can someone tell me about a good way to troubleshoot pipes/queues or=20 > >> point me in the rigtt direction. I'm trying to restrict outgoing ftp=20 > >> traffic and create some pipes for VOIP. dummynet and pipe rules load=20 > >> fine ( and are in the kernel ) but seem to have no effect. I did read=20 > >> the manual pages 20 times over. I tried adding pipes before doing=20 > >> "config bw" on them, but that didn't make any difference. > >> thanx a lot in advance. > >=20 > >=20 > > I have tried using DUMMYNET also and don't see any effect. If you find= =20 > > an answer, please let me know. It's my goal to give highest priority t= o=20 > > ssh connection, next highest priority to the traffic originating on=20 > > machine "bigdaddy" port 8080, and then all remaining traffic gets passe= d=20 > > when there's nothing else going on. I have DSL with a 128K uplink. =20 > > Here is my rule set in case someone can find my error: > >=20 > > # Flush before we define > > $fwcmd -f queue flush > > $fwcmd -f pipe flush > >=20 > > $fwcmd pipe 1 config queue 128Kbyte > > $fwcmd queue 1 config pipe 1 weight 85 queue 8Kbyte > > $fwcmd queue 2 config pipe 1 weight 1 queue 112Kbyte > > $fwcmd queue 3 config pipe 1 weight 100 queue 8Kbyte > >=20 > > $fwcmd add queue 1 ip from bigdaddy 8080 to any out via $oif > > $fwcmd add queue 3 ip from any 22 to any out via $oif > > $fwcmd add queue 2 ip from not bigdaddy not 8080 to any out via = $oif > > $fwcmd add queue 2 ip from bigdaddy not 8080 to any out via $oif > >=20 > > And I have these options compiled into my kernel: > >=20 > > options IPFIREWALL > > options DUMMYNET > > options HZ=3D1000 > >=20 > > Thanks, > >=20 > > Drew > >=20 >=20 > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.o= rg" --=20 NetAdmin for the FoxChat.Net IRC Network. The FoxSurfer Group --=-WCAQj2XZV7R27Ja6vnpE Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) iD8DBQBBc0ESNirmlL8R/7sRAuIdAJ0c3GohWDRdX6fjNVS1YeLIMARINACdHIQd +srNJjbt2lWjiS8ZRsvE+IM= =FdIP -----END PGP SIGNATURE----- --=-WCAQj2XZV7R27Ja6vnpE--