Date: Mon, 18 Jun 2012 22:34:35 +0200 From: Luigi Rizzo <rizzo@iet.unipi.it> To: Randy Bush <randy@psg.com> Cc: freebsd-net <freebsd-net@freebsd.org> Subject: Re: dummynet delay Message-ID: <20120618203435.GB32782@onelab2.iet.unipi.it> In-Reply-To: <m2395sd0r6.wl%randy@psg.com> References: <m2395sd0r6.wl%randy@psg.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jun 19, 2012 at 01:48:45AM +0900, Randy Bush wrote:
> add pipe 1 tcp from 147.28.2.129 to 147.28.2.133
> add pipe 2 tcp from 147.28.2.133 to 147.28.2.129
> pipe 1 config queue 50 delay 200ms
> pipe 2 config queue 50 delay 200ms
>
> is a tcp packet from 147.28.2.129 to 147.28.2.133 delayed by 200ms or
> 400ms, 200 for each interface?
it depends on where the traffic source and destination are,
and on the configuration of the firewall.
See the ascii diagram near PACKET FLOW in the ipfw manpage,
reproduced below. Each [block] can potentially pass the
packet through a pipe.
For better control on the traffic flow, I'd suggest to
use the "in" and "out" keywords in ipfw rules so you
do not risk that through traffic on a router is
intercepted twice.
^ to upper layers V
| |
+----------->-----------+
^ V
[ip(6)_input] [ip(6)_output] net.inet(6).ip(6).fw.enable=1
| |
^ V
[ether_demux] [ether_output_frame] net.link.ether.ipfw=1
| |
+-->--[bdg_forward]-->--+ net.link.bridge.ipfw=1
^ V
| to devices |
cheers
luigi
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120618203435.GB32782>