From owner-freebsd-ipfw@FreeBSD.ORG Thu Oct 23 05:51:32 2003 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B3D1A16A4B3 for ; Thu, 23 Oct 2003 05:51:32 -0700 (PDT) Received: from mail.1wisp.com (uslec-66-255-6-131.cust.uslec.net [66.255.6.131]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3BBAB43FCB for ; Thu, 23 Oct 2003 05:51:28 -0700 (PDT) (envelope-from tscrum@1wisp.com) Received: from 1wispadmin ([192.168.1.94]) (authenticated) by mail.1wisp.com (8.11.6/8.11.6) with ESMTP id h9NCpIp04448; Thu, 23 Oct 2003 08:51:18 -0400 Message-ID: <00b801c39964$5dacc950$5e01a8c0@1wispadmin> From: "Thomas S. Crum - 1WISP, Inc." To: "Alhagie Puye" , References: <20031022195900.91577.qmail@web20501.mail.yahoo.com> Date: Thu, 23 Oct 2003 08:51:23 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Subject: Re: Equal bandwidth sharing by all hosts using dummynet X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Oct 2003 12:51:32 -0000 To be candid, I have not tinkered much with freebsd as a nat box. If you are using the same box to route and to shape, I'm sure the config will be different. My config (a bridge) is sitting between a cisco and my swicthes and my cisco runs nat so all the private ip's are shaped both in and out prior to the router nating it to a public ip. GL, Tom ----- Original Message ----- From: "Alhagie Puye" To: "Thomas S. Crum - 1WISP, Inc." ; Sent: Wednesday, October 22, 2003 3:59 PM Subject: Re: Equal bandwidth sharing by all hosts using dummynet > Thanks for the tip. The EVERYBODY "DOWN" works great > but the others don't work. > > I'm wondering what the order of how the rules are > applied affects it. It looks like the traffic shaping > is happening AFTER the packets are nat-ed. Could that > be the case? I said this because after nat, the > packets coming back to my private network have the > right IP's (192.168.42.0/24) but when the packets are > are leaving my network, they have the wrong IP after > nat. I'm going to try changing the rule a little bit. > Will let you know what I find out. > > Thanks, > Alhagie. > --- "Thomas S. Crum - 1WISP, Inc." > wrote: > > Do not use "all" of your available pipe as during > > peak times it would > > increase latency. > > > > # EVERYBODY "DOWN" > > add queue 100 ip from any to 192.168.42.0/24 > > queue 100 config weight 1 pipe 100 mask dst-ip > > 0xffffffff > > pipe 100 config bw 1950Kbit/s > > # > > # EVERYBODY "UP" > > add queue 101 ip from 192.168.42.0/24 to any > > queue 101 config weight 1 pipe 101 mask src-ip > > 0xffffffff > > pipe 101 config bw 350Kbit/s > > > > # THIS ALLOWS DHCP TO WORK > > add queue 250 ip from any to any > > queue 250 config weight 1 pipe 250 mask src-ip > > 0xffffffff > > pipe 250 config bw 10Kbit/s > > > > It sounds as though you are using a seperate box for > > shaping? If so, this > > configed box would go in between your router and > > switch as a bridge. > > > > Best, > > > > Tom > > > > ----- Original Message ----- > > From: "Alhagie Puye" > > To: > > Sent: Wednesday, October 22, 2003 12:45 AM > > Subject: Equal bandwidth sharing by all hosts using > > dummynet > > > > > > > Hi all, > > > > > > First of all, I have spent a lot of time reading > > up on > > > it. > > > > > > Anyway, I live in a shared accomodation with 2 > > > roommates and a landlord and we share a cable > > internet > > > connection. It is 2Mbit/400Kbit connection. > > Sometimes > > > when one of us is downloading a song through Kazaa > > or > > > a new Linux or FreeBSD iso, the bandwidth gets > > hogged > > > and other users can't get through. > > > > > > I was trying to configure dummynet using Fair > > Queues > > > but I seem to be missing something. I tried to > > modify > > > some of the examples on Luigi Rizzo's web site > > > (http://info.iet.unipi.it/~luigi/ip_dummynet/) but > > it > > > doesn't seem to be working. > > > > > > It is a very simple setup. > > > > > > Private network (192.168.42.0/24)--------> FreeBSD > > 5.1 > > > firewall doing NAT (DHCP on external interface) > > > > > > My configuration file excerpt: > > > > > > ipfw pipe 1 config bw 400Kbit/s > > > ipfw pipe 2 config bw 1000Kbit/s > > > ipfw add queue 1 ip from 192.168.42.0/24 to any > > via > > > fxp0 > > > ipfw queue 1 config weight 5 pipe 1 mask src-ip > > > 0xffffffff > > > > > > ipfw add queue 2 ip from any to 192.168.42.0/24 > > via > > > fxp0 > > > ipfw queue 2 config weight 5 pipe 2 mask dst-ip > > > 0xfffffff > > > > > > When I do a "ipfw pipe show", the output is: > > > > > > firewall# ipfw pipe list > > > 00001: 400.000 Kbit/s 0 ms 50 sl. 0 queues (1 > > > buckets) droptail > > > mask: 0x00 0x00000000/0x0000 -> > > 0x00000000/0x0000 > > > 00002: 1.000 Mbit/s 0 ms 50 sl. 0 queues (1 > > > buckets) droptail > > > mask: 0x00 0x00000000/0x0000 -> > > 0x00000000/0x0000 > > > q00001: weight 5 pipe 1 50 sl. 0 queues (64 > > buckets) > > > droptail > > > mask: 0x00 0xffffffff/0x0000 -> > > 0x00000000/0x0000 > > > q00002: weight 5 pipe 2 50 sl. 0 queues (64 > > buckets) > > > droptail > > > mask: 0x00 0x00000000/0x0000 -> > > 0xffffffff/0x0000 > > > > > > The queues are always "0". So, it seems to me like > > > they are not getting created. What am I missing? I > > > have looked everywhere for answers. Any help would > > be > > > greatly appreciated. > > > > > > Cheers, > > > Alhagie. > > > > > > > > > __________________________________ > > > Do you Yahoo!? > > > The New Yahoo! Shopping - with improved product > > search > > > http://shopping.yahoo.com > > > _______________________________________________ > > > freebsd-ipfw@freebsd.org mailing list > > > > > > http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > > > To unsubscribe, send any mail to > > "freebsd-ipfw-unsubscribe@freebsd.org" > > > > > > > > __________________________________ > Do you Yahoo!? > The New Yahoo! Shopping - with improved product search > http://shopping.yahoo.com >