Date: Mon, 3 Oct 2005 14:44:57 -0700 From: John-Mark Gurney <gurney_j@resnet.uoregon.edu> To: Arne =?iso-8859-1?Q?W=F6rner?= <arne_woerner@yahoo.com> Cc: Max Laier <max@love2party.net>, freebsd-net@freebsd.org Subject: Re: pf / queue+stateful / r generated rules assigned to the right queue? Message-ID: <20051003214457.GM716@funkthat.com> In-Reply-To: <20051003212133.84975.qmail@web30310.mail.mud.yahoo.com> References: <200510032246.57786.max@love2party.net> <20051003212133.84975.qmail@web30310.mail.mud.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Arne Wrner wrote this message on Mon, Oct 03, 2005 at 14:21 -0700: > Thank u for ur answer... > > --- Max Laier <max@love2party.net> wrote: > > 1) One can only queue *OUT*going traffic > > 2) All unclassified outgoing traffic ends up in the default > > queue > > 3) Don't forget about 1) > > > Hmm... > > Isn't it possible to tell the sender of a stream to slow down? > > In case of TCP I could think of a quite easy way to do so: > 1. ipfw does it... > 2. I would just delay the processing of the packet by the packet > filter after the apropriate rule has been identified as long as > necessary to reach the right bandwidth ratio... > 3. Right now I did it with ipfw... Seems to work... Although it > looks like up to 20 packets are waiting for the right bandwidth... > Maybe the server even re-sends some packets, when the > TCP-handshaking is missed? > > So I should do the traffic shaping on the server side? > > Since this seems to be more TCP/IP related, I would like to keep > this in the -net@ list... I have written a python script using divert sockets will only pass ack's to achieve the specified download rate... The problem with this is that it won't take into account retransmits, etc, but I feel it's acceptable.. It also will limit uploads, it won't reorder packets, so ack's have zero value against your upload rate, and upload's that don't ack data have zero value against the download rate... so, an example ./ratelimit.py -p 38345 -m 65536 -a $((128*1024)) -m 32768 -u 65536 & ipfw add divert 38345 tcp from any to any out xmit sk0 The -p sets the divert port, and the -m sets the queue depth of the next -a (ack) or -u (upload) stage... I've uploaded the scripts to: http://people.FreeBSD.org/~jmg/ratelimit/ You do need Dug Song's dpkt, though I'm not sure if 1.2 fixed the tcp checksum bug that was in 1.1 (or if it's even necessary since I'm not modifing the packet). -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20051003214457.GM716>