From owner-freebsd-ipfw@FreeBSD.ORG Thu Nov 18 00:43:18 2004 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6C7FC16A4D1 for ; Thu, 18 Nov 2004 00:43:18 +0000 (GMT) Received: from smtp19.wxs.nl (smtp19.wxs.nl [195.121.6.15]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2391C43D5A for ; Thu, 18 Nov 2004 00:43:18 +0000 (GMT) (envelope-from freebsd@akruijff.dds.nl) Received: from kruij557.speed.planet.nl (ipd50a97ba.speed.planet.nl [213.10.151.186]) by smtp19.wxs.nl (iPlanet Messaging Server 5.2 Patch 2 (built Jul 14 2004)) with ESMTP id <0I7C00L35NA3IS@smtp19.wxs.nl> for freebsd-ipfw@freebsd.org; Thu, 18 Nov 2004 01:42:03 +0100 (CET) Received: from Alex.lan (localhost [127.0.0.1]) by kruij557.speed.planet.nl (8.13.1/8.13.1) with ESMTP id iAI0g0Go097431; Thu, 18 Nov 2004 01:42:00 +0100 Received: (from akruijff@localhost) by Alex.lan (8.13.1/8.13.1/Submit) id iAI0fxcH097430; Thu, 18 Nov 2004 01:41:59 +0100 Content-return: prohibited Date: Thu, 18 Nov 2004 01:41:59 +0100 From: Alex de Kruijff In-reply-to: <418766FE.50702@sofia.itdnet.net> To: Evgeny Ivanov Message-id: <20041118004159.GC1062@Alex.lan> MIME-version: 1.0 Content-type: text/plain; charset=us-ascii Content-transfer-encoding: 7BIT Content-disposition: inline User-Agent: Mutt/1.4.2.1i References: <418766FE.50702@sofia.itdnet.net> X-Authentication-warning: Alex.lan: akruijff set sender to freebsd@akruijff.dds.nl using -f cc: freebsd-ipfw@freebsd.org Subject: Re: bandwidth limitations X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Nov 2004 00:43:18 -0000 On Tue, Nov 02, 2004 at 12:52:46PM +0200, Evgeny Ivanov wrote: > > > HI all, > > > I have a problem/question. This is something that I cannot explain to > myself why it is happening. > > The machine was originaly installed on 4.9 Stable and was upgrated to > 4.10. The IPFW is version 2 - because i needed to use the lookup tables > and the autonic step change. I use the lookup tables to split the > trafffic ( received from IPS for the 3 nets ) into 2 flows - a local > one and international. I am doing that by describing the networks into > table and then using skipto for sending it to different pipes. I dont > use queue becaus it is not working quite well with ipfw2. The rules are > like that: I've had a problem in the pas with Queus on 5.2, but this is now resolved. I have no problem. > > 00005 180161 262752066 skipto 1100 ip from table(1) to net2 out via fxp2 > 01000 8121 5276242 pipe 1000 ip from any to net2 out via fxp2 > 01100 180161 262752066 pipe 1100 ip from any to net2 out via fxp2 > 65535 88428442 64567418299 allow ip from any to any > > Same is for each other 2 nets. The router/shaper ISP-NIC has no any > limitations. All NICs are fxp's. > > The problem is that I have is that when I load the ipfw rules I cannot > use more than 30Mbps received from ISP-NIC. When I flush the rules the > speed goes up to 80Mbps. > > Can anyone give an advice why is that? What should I do to use at least > 80Mbps after applying the rules? I'm guessing you are using natd. You could check with top to see if natd taked up much CPU power. If this is the case then you need to pass less packets thougth natd. -- Alex Please copy the original recipients, otherwise I may not read your reply. WWW: http://www.kruijff.org/alex/FreeBSD/