From owner-freebsd-net@FreeBSD.ORG Thu May 25 12:59:44 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1939416A42C for ; Thu, 25 May 2006 12:59:44 +0000 (UTC) (envelope-from Hartmut.Brandt@dlr.de) Received: from smtp-3.dlr.de (smtp-3.dlr.de [195.37.61.187]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5F3A743D4C for ; Thu, 25 May 2006 12:59:43 +0000 (GMT) (envelope-from Hartmut.Brandt@dlr.de) Received: from dlr.de ([172.21.151.2]) by smtp-3.dlr.de over TLS secured channel with Microsoft SMTPSVC(6.0.3790.1830); Thu, 25 May 2006 14:59:41 +0200 Message-ID: <4475AAFD.5080701@dlr.de> Date: Thu, 25 May 2006 15:02:53 +0200 From: Hartmut Brandt User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7b) Gecko/20040316 X-Accept-Language: en-us, en MIME-Version: 1.0 To: benjamin@cactus.org References: <20060524233846.GA8189@linux.cactus.org> In-Reply-To: <20060524233846.GA8189@linux.cactus.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 25 May 2006 12:59:42.0118 (UTC) FILETIME=[16B5F460:01C67FFB] Cc: freebsd-net@freebsd.org Subject: Re: Blocking N consecutive packets with netgraph X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 May 2006 12:59:44 -0000 benjamin@cactus.org wrote: >I need to test a multicast streaming media application by selectively >dropping packets in the network connecting the source to the viewer. > >The capability I need is to drop N consecutive packets, where N ranges >from 1 to 50 and is chosen via the command line. > >I had hoped to do this with dummynet and ipfw, but apparently I can >only drop packets with a specified probablity. The network topology >for this method was to bridge two ethernet nics, then use dummynet pipes >to vary the bandwith and packet loss rate. > >I also tested a method using ipfw to temporarily enable packet block >rules using a short sleep interval, but there was only very coarse >control of the number of packets blocked. > >Is it feasible to do this with netgraph? Please outline how this may >be accomplihsed. > > Yes. Netgraph is really great for this kind of stuff. Four years ago I wrote a node that simulated a space ATM link. The entire thing controlled remotely via SNMP. Variable delay, various kinds of loss and so on. I got around 50MBit/sec throughput on a 2 CPU 1GHz machine, but the limiting factor was not the CPUs but the ATM cards. This year I did the same but for ethernet frames (to simulate a DVB-S2/RCS system). With two gigabit ethernet adaptors I get more than 100MBit/sec through the machine with a load in the order of 30%. It can probably do more, just didn't try it. Because you can load/unload the nodes without rebooting it is just great for development - just be a little careful not to crash the kernel. Your case should be easy: create a node with two hooks, connect them to the 'lower' hooks of the two ethernet nodes. Then in the receive function you just count the packets and drop as much as you need. What you don't drop you just send out the other hook. Control is via netgraph control messages. You just can enter them via ngctl. harti