Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 11 Sep 2011 19:54:29 -0400
From:      alexus <alexus@gmail.com>
To:        Michael Sierchio <kudzu@tenebras.com>
Cc:        =?UTF-8?B?0JrQvtC90YzQutC+0LIg0JXQstCz0LXQvdC40Lk=?= <kes-kes@yandex.ru>, freebsd-questions@freebsd.org
Subject:   Re: traffic shaping freebsd
Message-ID:  <CAJxePNKY50UfPvDtoVhNz0kY8vDn87nubwWwh_Koa-KsBKYoEA@mail.gmail.com>
In-Reply-To: <CAHu1Y70uCvtjEr=h%2BUEPRfQSOh-3r0VAi6L7rrY92HzUisFTUw@mail.gmail.com>
References:  <CAJxePN%2BXUGCL0GPGEboFoEhONb9YXHFjxamVucf7=rm8YwAJCA@mail.gmail.com> <108373957.20110912012809@yandex.ru> <CAJxePNLSJj-6LcfA1ff6fZ2c1B=QjL-CBr1RSzi=j2w275T3kQ@mail.gmail.com> <CAHu1Y70uCvtjEr=h%2BUEPRfQSOh-3r0VAi6L7rrY92HzUisFTUw@mail.gmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help
su-4.2# grep pipe /etc/ipfw.rules
pipe flush
pipe 1 config bw 1Mbit/s mask dst-port www
pipe 2 config bw 1Mbit/s mask src-port www
pipe 3 config bw 1Mbit/s mask dst-port 3128
add 3128 pipe 3 tcp from any to any src-port 3128 uid root
add 8381 pipe 1 tcp from any to any dst-port www uid daemon
add 8382 pipe 2 tcp from any to any src-port www uid daemon
su-4.2#


su-4.2# ipfw show | grep -E 'pipe 1|pipe 2' && ipfw pipe show 1 ; ipfw
pipe show 2
08381  11190    815447 pipe 1 tcp from any to any dst-port 80 uid daemon
08382  14394  16926849 pipe 2 tcp from any 80 to any uid daemon
00001:   1.000 Mbit/s    0 ms   50 sl. 1 queues (1 buckets) droptail
    mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000
BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte=
 Drp
  0 tcp     64.237.55.83/64730     69.10.58.25/80    11190   815447  0    0=
   0
00002:   1.000 Mbit/s    0 ms   50 sl. 1 queues (1 buckets) droptail
    mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000
BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte=
 Drp
  0 tcp      69.10.58.25/80       64.237.55.83/64730 14394 16926849  0    0=
  10
su-4.2# ipfw show | grep -E 'pipe 1|pipe 2' && ipfw pipe show 1 ; ipfw
pipe show 2
08381  11218    817225 pipe 1 tcp from any to any dst-port 80 uid daemon
08382  14434  16979213 pipe 2 tcp from any 80 to any uid daemon
00001:   1.000 Mbit/s    0 ms   50 sl. 1 queues (1 buckets) droptail
    mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000
BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte=
 Drp
  0 tcp     64.237.55.83/64730     69.10.58.25/80    11218   817225  0    0=
   0
00002:   1.000 Mbit/s    0 ms   50 sl. 1 queues (1 buckets) droptail
    mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000
BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte=
 Drp
  0 tcp      69.10.58.25/80       64.237.55.83/64730 14434 16979213  0    0=
  10
su-4.2#

as you see ipfw rules matches as count is increasing, yet pipe i'm not
seeing any difference at all, its like it matched first time and
that's it...

yet pipe shows different output

su-4.2# ipfw show | grep 'pipe 3' && ipfw pipe show 3
03128  37483  71276160 pipe 3 tcp from any 3128 to any uid root
00003:   1.000 Mbit/s    0 ms   50 sl. 4 queues (64 buckets) droptail
    mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0c38
BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte=
 Drp
  0 ip           0.0.0.0/0             0.0.0.0/1056    16     2383  0    0 =
  0
 16 ip           0.0.0.0/0             0.0.0.0/1032     8     9398  0    0 =
  0
 32 ip           0.0.0.0/0             0.0.0.0/2096    41    43167  0    0 =
  0
 48 ip           0.0.0.0/0             0.0.0.0/56       2     7074  0    0 =
  0
su-4.2# !!
ipfw show | grep 'pipe 3' && ipfw pipe show 3
03128  39285  74616912 pipe 3 tcp from any 3128 to any uid root
00003:   1.000 Mbit/s    0 ms   50 sl. 4 queues (64 buckets) droptail
    mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0c38
BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte=
 Drp
  0 ip           0.0.0.0/0             0.0.0.0/1056    19    20651  0    0 =
  0
 16 ip           0.0.0.0/0             0.0.0.0/1064    36    41781  0    0 =
  0
 32 ip           0.0.0.0/0             0.0.0.0/1072    43    53920  0    0 =
  0
 48 ip           0.0.0.0/0             0.0.0.0/2104     3      595  0    0 =
  0
su-4.2#

why is it seeing source ip/port as 0/0 and dest 0/? i dont understand
that at all

On Sun, Sep 11, 2011 at 7:06 PM, Michael Sierchio <kudzu@tenebras.com> wrot=
e:
> On Sun, Sep 11, 2011 at 3:38 PM, alexus <alexus@gmail.com> wrote:
>> thanks, but did u actually tried it?
>
> If what you're asking is, "does traffic shaping work?" =C2=A0the answer i=
s
> yes. =C2=A0There are some provisos - you must create an outbound pipe and
> an inbound pipe that accurately reflect the observed network
> performance (not what your ISP told you). =C2=A0This is because when you
> create queues of different weights, the weights are only imposed when
> one or more queues are full.
>
> See http://info.iet.unipi.it/~luigi/dummynet/
>
> The place to start is to find out what kind of upload and download
> throughput you get, then create pipes that are 95% of those observed
> values (one up, one down), then instantiate queues with different
> weights on each pipe, then create rules that match packets according
> to which pipe they should go in. =C2=A0Also consider that the sysctl
> variable, net.inet.ip.fw.one_pass, might need to be 0 and not 1,
> depending on whether queued packets need further processing.
>



--=20
http://alexus.org/



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAJxePNKY50UfPvDtoVhNz0kY8vDn87nubwWwh_Koa-KsBKYoEA>