From owner-freebsd-ipfw@FreeBSD.ORG  Wed Dec  3 22:19:19 2014
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
Delivered-To: freebsd-ipfw@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 83520CEC
 for <freebsd-ipfw@freebsd.org>; Wed,  3 Dec 2014 22:19:19 +0000 (UTC)
Received: from mail-lb0-x242.google.com (mail-lb0-x242.google.com
 [IPv6:2a00:1450:4010:c04::242])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 021BF679
 for <freebsd-ipfw@freebsd.org>; Wed,  3 Dec 2014 22:19:18 +0000 (UTC)
Received: by mail-lb0-f194.google.com with SMTP id l4so3134859lbv.5
 for <freebsd-ipfw@freebsd.org>; Wed, 03 Dec 2014 14:19:17 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=googlemail.com; s=20120113;
 h=mime-version:from:date:message-id:subject:to:content-type;
 bh=a1vaF8nLU0IlW9JeMzyLNcEDEYt76B4nfWWP3inrJZk=;
 b=T9sytu1cyOaHQ0d3GkO3Zsn0vAL53G/eeHr7m8eofxaBxQE7AKCfWy+8lswkkszu5E
 ZZOyro12qz/UU1hr73iCWtBYuRl5PB1m8+7Q54bthB1qnA+nuLkKScPq3BqfR/9tcWRh
 SxwU3u3p71pFNZp7HF5+qDcywx0Jgji8Ci73NAoMs4wn/x6C7n2tK2/qugfUTdHfAMXB
 k+zZhMMkJ9/HItNjj4TZy0FRVpX7YvJLY2tXtACHxVOQCEhhiJpPwTyWjwLnfhzvwgzG
 rIwmlFAGWzGbMKr2sZuvHToJlp0MYrRUFP9rs99pJOAQKUE6oTLGwsvozid1lkbSBllV
 ejag==
X-Received: by 10.112.52.37 with SMTP id q5mr6275966lbo.32.1417645156955; Wed,
 03 Dec 2014 14:19:16 -0800 (PST)
MIME-Version: 1.0
Received: by 10.25.163.73 with HTTP; Wed, 3 Dec 2014 14:18:56 -0800 (PST)
From: Ahmed Kamal <email.ahmedkamal@googlemail.com>
Date: Thu, 4 Dec 2014 00:18:56 +0200
Message-ID: <CANzjMX5qVbNUThLyFOwxthUsMhbgw08pETRJDjyZ8WrDuDoLbA@mail.gmail.com>
Subject: ipfw pipe bursting, not working
To: freebsd-ipfw@freebsd.org
Content-Type: text/plain; charset=UTF-8
X-Content-Filtered-By: Mailman/MimeDel 2.1.18-1
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-ipfw>,
 <mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw/>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
 <mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Dec 2014 22:19:19 -0000

Hi,

I am using pfsense (hope this is not frowned upon) to configure ipfw
limiting. I am finding that rate limiting is working great, however the
"burst" parameter does not seem to have any effect at all. I found this bug
open https://redmine.pfsense.org/issues/3933 .. Based on the milestone, I'm
not expecting a speedy fix.

I would like to help debug whats wrong, I am pasting below the output of
"ipfw pipe show" I am hoping a more experienced eye can spot a
misconfiguration .. Thanks for the help

# ipfw pipe show

00002:   3.000 Mbit/s    0 ms burst 50000000
q131074  50 sl. 0 flows (1 buckets) sched 65538 weight 0 lmax 0 pri 0
droptail
 sched 65538 type FIFO flags 0x1 256 buckets 27 active
    mask:  0x00 0x00000000/0x0000 -> 0xffffffff/0x0000
BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte
Drp
 19 ip           0.0.0.0/0           10.0.0.19/0       13    19396  0    0
  0
 55 ip           0.0.0.0/0           10.0.0.55/0       51     6504  0    0
  0
 78 ip           0.0.0.0/0           10.0.0.78/0        1       52  0    0
  0
 81 ip           0.0.0.0/0           10.0.0.81/0      565   136618  0    0
  0
 83 ip           0.0.0.0/0           10.0.0.83/0       74    14998  0    0
  0
 90 ip           0.0.0.0/0           10.0.0.90/0       21     2011  0    0
  0
100 ip           0.0.0.0/0          10.0.0.100/0     4465  2173866  0    0
  0
101 ip           0.0.0.0/0          10.0.0.101/0     1077  1268015  0    0
  0
110 ip           0.0.0.0/0          10.0.0.110/0       53     6269  0    0
  0
124 ip           0.0.0.0/0          10.0.0.124/0       15     2064  0    0
  0
134 ip           0.0.0.0/0          10.0.0.134/0      637   134530  0    0
  0
135 ip           0.0.0.0/0          10.0.0.135/0      343    63025  0    0
  0
143 ip           0.0.0.0/0          10.0.0.143/0       32     3109  0    0
  0
145 ip           0.0.0.0/0          10.0.0.145/0      250   117755  0    0
  0
147 ip           0.0.0.0/0          10.0.0.147/0     62037 85170555  0    0
347
150 ip           0.0.0.0/0          10.0.0.150/0      322    71834  0    0
  0
152 ip           0.0.0.0/0          10.0.0.152/0      433   242323  0    0
  0
156 ip           0.0.0.0/0          10.0.0.156/0      147    72501  0    0
  0
174 ip           0.0.0.0/0          10.0.0.174/0     1635  1202725  0    0
  0
180 ip           0.0.0.0/0          10.0.0.180/0      847   325265  0    0
  0
183 ip           0.0.0.0/0          10.0.0.183/0       94    21052  0    0
  0
187 ip           0.0.0.0/0          10.0.0.187/0        2      274  0    0
  0
191 ip           0.0.0.0/0         54.76.66.39/0        1       40  0    0
  0
193 ip           0.0.0.0/0          10.0.0.193/0      127    33068  0    0
  0
197 ip           0.0.0.0/0          10.0.0.197/0        1      141  0    0
  0
198 ip           0.0.0.0/0          10.0.0.198/0       58    15346  0    0
  0
199 ip           0.0.0.0/0          10.0.0.199/0     4078  5472882  0    0
  0

From owner-freebsd-ipfw@FreeBSD.ORG  Fri Dec  5 19:52:06 2014
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
Delivered-To: freebsd-ipfw@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 6765F24C
 for <freebsd-ipfw@freebsd.org>; Fri,  5 Dec 2014 19:52:06 +0000 (UTC)
Received: from mail-lb0-x244.google.com (mail-lb0-x244.google.com
 [IPv6:2a00:1450:4010:c04::244])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id CDA91E2B
 for <freebsd-ipfw@freebsd.org>; Fri,  5 Dec 2014 19:52:05 +0000 (UTC)
Received: by mail-lb0-f196.google.com with SMTP id f15so232777lbj.11
 for <freebsd-ipfw@freebsd.org>; Fri, 05 Dec 2014 11:52:03 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=googlemail.com; s=20120113;
 h=mime-version:in-reply-to:references:from:date:message-id:subject:to
 :content-type; bh=CVmP01v8a6T3AuTPdeEUrYl018GImSs32ZPcwDStqlE=;
 b=Ei+tlgb3/qcp44N5CoYjAttgzNXOo8m2vRum41BKeq14Fim6VR+1RnmjUkwp74vxTg
 ntMYa6XvHSe5ogrCf/XHsx9/R8W+nC9qTcYIekgWqTHWfpY7ZArXTqFnxnDjYATFA8Br
 nBRrMhBl8CDN9qnStYXor7BAAl/g3tA4Kn2STovJMd2r2jEL6UDS62KwDUfbCM9WXYtr
 duPRwAN0qGgSTaE26ZcKVPIYjD1aQLi6GwXroQpvHAhRirnDdX0+qYtlAdYupW+S07MH
 HpLK27UiujDgF+sGeym1xmD0eT6ZUm/fjuwBorTSTfJEoGKA6wgjM9SVdFhLQ+6rXnY+
 yWCQ==
X-Received: by 10.153.7.170 with SMTP id dd10mr4521186lad.44.1417809123818;
 Fri, 05 Dec 2014 11:52:03 -0800 (PST)
MIME-Version: 1.0
Received: by 10.25.163.73 with HTTP; Fri, 5 Dec 2014 11:51:43 -0800 (PST)
In-Reply-To: <CANzjMX5qVbNUThLyFOwxthUsMhbgw08pETRJDjyZ8WrDuDoLbA@mail.gmail.com>
References: <CANzjMX5qVbNUThLyFOwxthUsMhbgw08pETRJDjyZ8WrDuDoLbA@mail.gmail.com>
From: Ahmed Kamal <email.ahmedkamal@googlemail.com>
Date: Fri, 5 Dec 2014 21:51:43 +0200
Message-ID: <CANzjMX6OQt8XuoXfG0zDVp7iRQZ_yy4JgdfRNLiGjecNtvUsPA@mail.gmail.com>
Subject: Re: ipfw pipe bursting, not working
To: freebsd-ipfw@freebsd.org
Content-Type: text/plain; charset=UTF-8
X-Content-Filtered-By: Mailman/MimeDel 2.1.18-1
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-ipfw>,
 <mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw/>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
 <mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Dec 2014 19:52:06 -0000

Hi folks,

Any thoughts on why "burst" is not having any effect? I'd really appreciate
any feedback .. Thanks

On Thu, Dec 4, 2014 at 12:18 AM, Ahmed Kamal <
email.ahmedkamal@googlemail.com> wrote:

> Hi,
>
> I am using pfsense (hope this is not frowned upon) to configure ipfw
> limiting. I am finding that rate limiting is working great, however the
> "burst" parameter does not seem to have any effect at all. I found this bug
> open https://redmine.pfsense.org/issues/3933 .. Based on the milestone,
> I'm not expecting a speedy fix.
>
> I would like to help debug whats wrong, I am pasting below the output of
> "ipfw pipe show" I am hoping a more experienced eye can spot a
> misconfiguration .. Thanks for the help
>
> # ipfw pipe show
>
> 00002:   3.000 Mbit/s    0 ms burst 50000000
> q131074  50 sl. 0 flows (1 buckets) sched 65538 weight 0 lmax 0 pri 0
> droptail
>  sched 65538 type FIFO flags 0x1 256 buckets 27 active
>     mask:  0x00 0x00000000/0x0000 -> 0xffffffff/0x0000
> BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes
> Pkt/Byte Drp
>  19 ip           0.0.0.0/0           10.0.0.19/0       13    19396  0
>  0   0
>  55 ip           0.0.0.0/0           10.0.0.55/0       51     6504  0
>  0   0
>  78 ip           0.0.0.0/0           10.0.0.78/0        1       52  0
>  0   0
>  81 ip           0.0.0.0/0           10.0.0.81/0      565   136618  0
>  0   0
>  83 ip           0.0.0.0/0           10.0.0.83/0       74    14998  0
>  0   0
>  90 ip           0.0.0.0/0           10.0.0.90/0       21     2011  0
>  0   0
> 100 ip           0.0.0.0/0          10.0.0.100/0     4465  2173866  0
>  0   0
> 101 ip           0.0.0.0/0          10.0.0.101/0     1077  1268015  0
>  0   0
> 110 ip           0.0.0.0/0          10.0.0.110/0       53     6269  0
>  0   0
> 124 ip           0.0.0.0/0          10.0.0.124/0       15     2064  0
>  0   0
> 134 ip           0.0.0.0/0          10.0.0.134/0      637   134530  0
>  0   0
> 135 ip           0.0.0.0/0          10.0.0.135/0      343    63025  0
>  0   0
> 143 ip           0.0.0.0/0          10.0.0.143/0       32     3109  0
>  0   0
> 145 ip           0.0.0.0/0          10.0.0.145/0      250   117755  0
>  0   0
> 147 ip           0.0.0.0/0          10.0.0.147/0     62037 85170555  0
>  0 347
> 150 ip           0.0.0.0/0          10.0.0.150/0      322    71834  0
>  0   0
> 152 ip           0.0.0.0/0          10.0.0.152/0      433   242323  0
>  0   0
> 156 ip           0.0.0.0/0          10.0.0.156/0      147    72501  0
>  0   0
> 174 ip           0.0.0.0/0          10.0.0.174/0     1635  1202725  0
>  0   0
> 180 ip           0.0.0.0/0          10.0.0.180/0      847   325265  0
>  0   0
> 183 ip           0.0.0.0/0          10.0.0.183/0       94    21052  0
>  0   0
> 187 ip           0.0.0.0/0          10.0.0.187/0        2      274  0
>  0   0
> 191 ip           0.0.0.0/0         54.76.66.39/0        1       40  0
>  0   0
> 193 ip           0.0.0.0/0          10.0.0.193/0      127    33068  0
>  0   0
> 197 ip           0.0.0.0/0          10.0.0.197/0        1      141  0
>  0   0
> 198 ip           0.0.0.0/0          10.0.0.198/0       58    15346  0
>  0   0
> 199 ip           0.0.0.0/0          10.0.0.199/0     4078  5472882  0
>  0   0
>