From owner-freebsd-ipfw@FreeBSD.ORG Tue Jun 12 20:29:37 2007 Return-Path: X-Original-To: freebsd-ipfw@freebsd.org Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 7948316A46B for ; Tue, 12 Jun 2007 20:29:37 +0000 (UTC) (envelope-from 0shady0recs0@gmail.com) Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.240]) by mx1.freebsd.org (Postfix) with ESMTP id 39AC713C448 for ; Tue, 12 Jun 2007 20:29:37 +0000 (UTC) (envelope-from 0shady0recs0@gmail.com) Received: by an-out-0708.google.com with SMTP id c14so538794anc for ; Tue, 12 Jun 2007 13:29:36 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type; b=URoMv926fHJVFBfeXV1znMwBhXCeoDMX60U2Tg+u4YBp/rZMJZMhhxOdAKQ3imFt+LpIiEqcMRwfRzyPCQeXkPLQ/0iq1y4+lgFQpYh/w/05laLCwzhc6jkYlXNaa9kJ7ijC604a3abN7SNI58xKLtAmM0KZbBM3B9MZBuDi5zc= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:mime-version:content-type; b=HsHei1P+iiZgHdWVihlUf0MACxT6alD9kMbt3FDgLayC26FEsGHzWDQALAbuGz+qgPUeUVrUIDSJmhy+U9mSvQ9emhXhQicdd+LFTwZKRx70O17cqmFjWF4RSAYWKYuGEZvyfnFHmzMClD82oN10ib4yzwpTZ7ZAePKWfmu6X8M= Received: by 10.100.33.14 with SMTP id g14mr4352845ang.1181678546219; Tue, 12 Jun 2007 13:02:26 -0700 (PDT) Received: by 10.100.91.12 with HTTP; Tue, 12 Jun 2007 13:02:26 -0700 (PDT) Message-ID: <937e203f0706121302ga14ec97wab7f1b5e3c58cdfd@mail.gmail.com> Date: Tue, 12 Jun 2007 22:02:26 +0200 From: "Lubomir Georgiev" <0shady0recs0@gmail.com> To: freebsd-ipfw@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: ipfw, pipes, queues, weights and managing an Internet connection X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Jun 2007 20:29:37 -0000 h1 all, Here's what I want to do - i have a 3mbps Internet connection. I want to do something similar to QoS - that is, I want to be able to browse without feeling that for example I /or someone else behind the NAT/ is leeching a torrent. Since I found out that there is no pure incarnation of QoS in ipfw I believe that there is a way to accomplish this using the queues and weights. I have tried to do this by myself but it seems that there is no actual benefit of the weight parameter - I mean I do see the torrent speed go down but its after 4-8 seconds after I've told the browser to go fetch a page during which time it sits and waits. Here's what I currently have, involving queues and weigths in my ruleset -> > 02000 queue 1 ip from any to any src-port 80 not layer2 via fxp0 > 02100 queue 1 ip from any to any dst-port 80 not layer2 via fxp0 > 02200 queue 2 ip from any to any via fxp0 > and this is the pipe list > 00001: 440.000 Kbit/s 0 ms 50 sl. 0 queues (1 buckets) droptail > q00001: weight 95 pipe 1 50 sl. 1 queues (1 buckets) droptail > mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 > BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes > Pkt/Byte Drp > 0 tcp 10.11.0.246/1057 80.92.66.238/80 59038 41163646 0 > 0 0 > q00002: weight 5 pipe 1 50 sl. 1 queues (1 buckets) droptail > mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 > BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes > Pkt/Byte Drp > 0 udp 10.11.0.42/137 10.11.0.255/137 3148781 1921538209 15 > 14440 1046 > I read something about putting in ACK's with a higher priority but I'm just not quite sure what I need to do in order to achieve this result. Please do share if you've done something similar and whether it's possible to NOT feel AT ALL that someone is leeching. That is, can the packets' speed /dropping, etc./ be so quickly managed by the gateway as to the end user not feeling anything? Most basically I would like to utilize a pipe at all times, but when someone starts browsing I don't want him to feel that there's anything in the background. Thanks in advance to all who share their thoughts and opinions. Your help would be greatly appreciated. So let's get started... -- mEsS wItH tHe bEsT dIE liKe tHe rESt