From owner-freebsd-questions@FreeBSD.ORG  Tue Jan 27 15:57:37 2009
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id B69D31065716
	for <freebsd-questions@freebsd.org>;
	Tue, 27 Jan 2009 15:57:37 +0000 (UTC)
	(envelope-from sebastian.mellmann@net.t-labs.tu-berlin.de)
Received: from mail.net.t-labs.tu-berlin.de (mail.net.t-labs.tu-berlin.de
	[130.149.220.252])
	by mx1.freebsd.org (Postfix) with ESMTP id 44F438FC1C
	for <freebsd-questions@freebsd.org>;
	Tue, 27 Jan 2009 15:57:37 +0000 (UTC)
	(envelope-from sebastian.mellmann@net.t-labs.tu-berlin.de)
Received: from anubis.getmyip.com (anubis.getmyip.com [78.46.33.178])
	by mail.net.t-labs.tu-berlin.de (Postfix) with ESMTP id 0B09470015D8;
	Tue, 27 Jan 2009 16:57:35 +0100 (CET)
Received: from 62.206.221.107 (SquirrelMail authenticated user smellmann)
	by anubis.getmyip.com with HTTP;
	Tue, 27 Jan 2009 16:57:36 +0100 (CET)
Message-ID: <58305.62.206.221.107.1233071856.squirrel@anubis.getmyip.com>
Date: Tue, 27 Jan 2009 16:57:36 +0100 (CET)
From: "Sebastian Mellmann" <sebastian.mellmann@net.t-labs.tu-berlin.de>
To: "Ian Smith" <smithi@nimnet.asn.au>
User-Agent: SquirrelMail/1.4.9a
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
Cc: freebsd-questions@freebsd.org
Subject: Re: IPFW DUMMYNET: Several pipes after each other
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: sebastian.mellmann@net.t-labs.tu-berlin.de
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Jan 2009 15:57:39 -0000

Ian Smith wrote:

> That's a very good ipfw tutorial, given parts of it are a bit outdated
> (FreeBSD 4.x) but it covers a lot of useful background. I just skimmed
> lots of it now but nothing I read jarred, unlike the Handbook section.
>
>  > If I choose the default (50 packets) it means that it takes approx.
> 100ms
>  > (600kbits / 6144kbits) to fill the queue.
>  > So the question is: Which value to choose for the queue?
>
> It's going to depend on lots of things, your workload, upstream push ..
> you could start with more like the default and adjust as necessary?

Sounds like a good idea.
I'll just start with the default and see if works in my setup.

>  > > And you'll surely need a much larger queue for this pipe, at
> 100Mbit/s.
>  >
>  > As already asked above:
>  >
>  > How do I know the queue is large or small enough for my needs?
>
> I'm never sure, so tend to experiment.  How fast your hardware is and
> kern.hz setting could be significant factors, as could be TCP/UDP mix
> and other factors I know little about.  Reducing reported packet drops
> is about all I've used for a guide so far.  This one is a FreeBSd 4.8
> box, a 2.4GHz P4 doing little but being a filtering bridge between a
> 8192/384kbps ADSL link and nests of mostly XP boxes in 3 LAN groups:
>
> !ipfw pipe show | egrep 'tcp|bit'
> 00010: 256.000 Kbit/s    0 ms  30 KB 1 queues (1 buckets) droptail
>   0 tcp     192.168.0.23/1043     207.46.17.61/80    7196387 2897628161  0
>    0 9706
> 00020:   5.120 Mbit/s    0 ms  50 KB 1 queues (1 buckets) droptail
>   0 tcp     207.46.17.61/80       192.168.0.23/1043  9977802 12858014698
> 0    0 63260
>
> 00040:  96.000 Kbit/s    0 ms  20 KB 1 queues (1 buckets) droptail
>   0 tcp     192.168.0.45/1037    66.249.89.147/443   2315107 299340364  0
>   0 2086
> 00050:   1.536 Mbit/s    0 ms  40 KB 1 queues (1 buckets) droptail
>   0 tcp    66.249.89.147/443      192.168.0.45/1037  3279021 3802388928  0
>    0 22433
>
> 00060: 192.000 Kbit/s    0 ms  30 KB 1 queues (1 buckets) droptail
>   0 tcp     192.168.0.64/1032    207.46.106.36/1863  1847947 563209421  0
>   0 141
> 00070:   3.072 Mbit/s    0 ms  40 KB 1 queues (1 buckets) droptail
>   0 tcp    207.46.106.36/1863     192.168.0.64/1032  2438211 3075075035  0
>    0 4550
>
> It's nearly all streaming rather than more interactive traffic, so
> pipe latency isn't so much of a concern.  Anyway, I rarely actually
> catch any traffic still in-queue, which you can stare at for tuning.
>
> Also, that's aggregate traffic, not per IP as with your masks (which
> look maybe wider than necessary, 0x0000ffff covers a /16) so you may
> wind up with lots of separate queues sharing a pipe, which may look
> very different.  How many hosts, how much memory to spare for each?


Is there any chance to get the dropped packets for _each_ queue (e.g.
logged to a file for further investigation)?
Does ipfw provide something here?

I'm mainly doing experiments with different kinds of settings (bandwidth
limitations, variable delay, dropped packets probability etcpp.) and I
want to see how many packets are actually dropped by ipfw.


> HTH, Ian

Regards and thanks for the help so far,
Sebastian