From owner-freebsd-security@FreeBSD.ORG Wed May 7 09:19:02 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2A55837B401 for ; Wed, 7 May 2003 09:19:02 -0700 (PDT) Received: from thunder.xecu.net (thunder.xecu.net [216.127.136.208]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8956343FAF for ; Wed, 7 May 2003 09:19:01 -0700 (PDT) (envelope-from chris@xecu.net) Received: by thunder.xecu.net (Postfix, from userid 278) id 341A224E17; Wed, 7 May 2003 12:18:58 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by thunder.xecu.net (Postfix) with ESMTP id 2A1F224E07; Wed, 7 May 2003 12:18:58 -0400 (EDT) Date: Wed, 7 May 2003 12:18:58 -0400 (EDT) From: Chris McGee To: Barry Irwin In-Reply-To: <007b01c314a1$174b0af0$4508a8c0@Beastie> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-security@freebsd.org Subject: Re: IPFW Bandwidth throttling? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 May 2003 16:19:02 -0000 Yes, there is definitely more traffic being sent than what it is limiting. If I delete the pipe, the bandwidth will peak at the maximum bandwidth that we have. Nothing is limiting the return traffic which is minimal anyway. I'm going to change the HZ setting and see if that changes anything. On Wed, 7 May 2003, Barry Irwin wrote: > Another thing to maybe try is up the HZ setting in your kernel. Have a look > at the dummynet page. > > Barry > > > -- > Barry Irwin bvi@itouchlabs.com Tel: > +27214875178 > Systems Administrator: Networks And Security > iTouch Technology > iTouch TAS http://www.itouchlabs.com Mobile: +27824457210 > > > ----- Original Message ----- > From: "Greg Panula" > To: "Chris McGee" > Cc: > Sent: Wednesday, May 07, 2003 3:55 PM > Subject: Re: IPFW Bandwidth throttling? > > > > Chris McGee wrote: > > > > > > I am trying to limit outgoing SMTP traffic to about 14 Mbps and these > are > > > the IPFW rules I am using. > > > > > > ${fwcmd} add pipe 1 tcp from 192.168.0.0/24 to any 25 out via > dc0 > > > ${fwcmd} pipe 1 config bw 14Mbit/s > > > > > > I've tried multiple tweaks to the pipe rule and I seem to be missing > > > something. I only get about half the bandwidth I specify. Is this > normal > > > behavior? Is there something wrong with the rule I'm running? > > > > > > > The pipe config & pipe rule look correct. > > > > Try 'ipfw pipe list' to confirm the pipe is configured for the correct > > bandwidth and not dropping excessive amounts of packets. > > > > Is dc0 configured for 100Mbps or 10Mbps? 7Mbps is close to the ceiling > > for a 10Mbps link. > > > > Are you sure you have ~2MBps worth of smtp traffic to pass when you're > > watching? If you increase the bandwidth on the pipe do you see more > > than the ~7Mbps you're currently seeing? > > > > > > good luck, > > greg > > _______________________________________________ > > freebsd-security@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > To unsubscribe, send any mail to > "freebsd-security-unsubscribe@freebsd.org" > > > > > > > > > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" > xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Chris McGee 301-682-9972 Xecunet www.xecu.net xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Dialup * Webhosting * E-Commerce * High-Speed Access