From owner-freebsd-ipfw@FreeBSD.ORG Tue May 6 05:14:11 2003 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DA76A37B401 for ; Tue, 6 May 2003 05:14:11 -0700 (PDT) Received: from mail.globalintellisystems.com (mail.globalintellisystems.com [216.127.132.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1956A43FB1 for ; Tue, 6 May 2003 05:14:11 -0700 (PDT) (envelope-from jbrogan@jbrogan.com) Received: from mail.jbrogan.com ([216.127.150.21])h46CE9cQ050139 for ; Tue, 6 May 2003 08:14:10 -0400 (EDT) (envelope-from jbrogan@jbrogan.com) Message-Id: <5.2.0.9.2.20030506074616.02930530@mail.jbrogan.com> X-Sender: jbrogan@mail.jbrogan.com X-Mailer: QUALCOMM Windows Eudora Version 5.2.0.9 Date: Tue, 06 May 2003 08:14:42 -0400 To: freebsd-ipfw@freebsd.org From: John Brogan Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Subject: Bandwidth is limited under defined limit X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 May 2003 12:14:12 -0000 I'm not sure what details I should grab from our system but here is a breakdown of the problem. Router: running freebsd 4.7-p10 running ipfw for for firewall and simple traffic shaper. Circuit: 36mbps Problem: Trying to limit port 25 traffic from inside our network to use no more than 30mbps at any time, leaving 6mbps for web and other traffic. I am only getting 22mbps of outbound port 25 traffic no matter how I alter the pipe statement (below) in my rc.firewall at the top of the ruleset I have: ${fwcmd} add pipe 1 tcp from x.x.x.x/24 to any 25 ${fwcmd} pipe 1 config bw 30Mbit/s (I'm showing x's instead of digits for reference) If I do an ipfw -a list, the pipe shows up as: 00400 57500157 62391158214 pipe 1 tcp from x.x.x.x/24 to any 25 if I do an "ipfw pipe show" I get: 00001: 30.000 Mbit/s 0 ms 50 sl. 1 queues (1 buckets) droptail mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp 0 tcp x.x.x.x/3576 x.x.x.x/25 62443512 67705656555 0 0 6649763 I can set that "pipe 1 config bw" statement to 90mbps or 100mbps or something outrageous and it still does not want to let bandwidth go over 22mbps for port 25 traffic I am delivering news (opt-in only) for a very large cable news company and we are trying to figure out how to get more bandwidth for port 25 but not to saturate the circuit. If we remove the pipe alltogether just to make certain it's not some hardware issue then we almost immediately saturate the link at 100% with just port 25 traffic. I've read through the archives but have not found something similar to this, or at least from what I searched for. What could be causing this and if you have suggestions for other settings to make on this, I would appreciate the help. I'd rather use ipfw than buy a piece of hardware to do the bandwidht limiting because I've been a freebsd user back to the 1.1.5.1 days and believe in the product and project 100% Oh, and if anyone knows how I can get in touch with Rod Grimes, please let me know or pass my address along to him. I have a potential project for him. Many Thanks John Brogan jbrogan.com