From owner-freebsd-questions@FreeBSD.ORG Sun Sep 11 23:54:29 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EDFDD1065674 for ; Sun, 11 Sep 2011 23:54:29 +0000 (UTC) (envelope-from alexus@gmail.com) Received: from mail-pz0-f45.google.com (mail-pz0-f45.google.com [209.85.210.45]) by mx1.freebsd.org (Postfix) with ESMTP id C572D8FC14 for ; Sun, 11 Sep 2011 23:54:29 +0000 (UTC) Received: by pzk33 with SMTP id 33so20844394pzk.18 for ; Sun, 11 Sep 2011 16:54:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=X8RZNaYa1XjriLYFWN2WukVNf4rZd/qXoGvYSFoTUtI=; b=oAoaEcN+coKYfCvV5iJS+/tiQMyO3cQNeql6QG+2WIdCM1Hb27H21kXhPq/VJjh/38 xWrdrVUlocqASWpi6O2A3TLy5UGg3oWr9d9ZM0GEEj8q+/SPmKN7zh9yDFQSCKqccUvW rO/zLEnpuLso3cSpjXc4dbe0td7KX71b/MWKM= MIME-Version: 1.0 Received: by 10.68.41.5 with SMTP id b5mr236177pbl.184.1315785269167; Sun, 11 Sep 2011 16:54:29 -0700 (PDT) Received: by 10.143.164.7 with HTTP; Sun, 11 Sep 2011 16:54:29 -0700 (PDT) In-Reply-To: References: <108373957.20110912012809@yandex.ru> Date: Sun, 11 Sep 2011 19:54:29 -0400 Message-ID: From: alexus To: Michael Sierchio Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Cc: =?UTF-8?B?0JrQvtC90YzQutC+0LIg0JXQstCz0LXQvdC40Lk=?= , freebsd-questions@freebsd.org Subject: Re: traffic shaping freebsd X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 11 Sep 2011 23:54:30 -0000 su-4.2# grep pipe /etc/ipfw.rules pipe flush pipe 1 config bw 1Mbit/s mask dst-port www pipe 2 config bw 1Mbit/s mask src-port www pipe 3 config bw 1Mbit/s mask dst-port 3128 add 3128 pipe 3 tcp from any to any src-port 3128 uid root add 8381 pipe 1 tcp from any to any dst-port www uid daemon add 8382 pipe 2 tcp from any to any src-port www uid daemon su-4.2# su-4.2# ipfw show | grep -E 'pipe 1|pipe 2' && ipfw pipe show 1 ; ipfw pipe show 2 08381 11190 815447 pipe 1 tcp from any to any dst-port 80 uid daemon 08382 14394 16926849 pipe 2 tcp from any 80 to any uid daemon 00001: 1.000 Mbit/s 0 ms 50 sl. 1 queues (1 buckets) droptail mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte= Drp 0 tcp 64.237.55.83/64730 69.10.58.25/80 11190 815447 0 0= 0 00002: 1.000 Mbit/s 0 ms 50 sl. 1 queues (1 buckets) droptail mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte= Drp 0 tcp 69.10.58.25/80 64.237.55.83/64730 14394 16926849 0 0= 10 su-4.2# ipfw show | grep -E 'pipe 1|pipe 2' && ipfw pipe show 1 ; ipfw pipe show 2 08381 11218 817225 pipe 1 tcp from any to any dst-port 80 uid daemon 08382 14434 16979213 pipe 2 tcp from any 80 to any uid daemon 00001: 1.000 Mbit/s 0 ms 50 sl. 1 queues (1 buckets) droptail mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte= Drp 0 tcp 64.237.55.83/64730 69.10.58.25/80 11218 817225 0 0= 0 00002: 1.000 Mbit/s 0 ms 50 sl. 1 queues (1 buckets) droptail mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte= Drp 0 tcp 69.10.58.25/80 64.237.55.83/64730 14434 16979213 0 0= 10 su-4.2# as you see ipfw rules matches as count is increasing, yet pipe i'm not seeing any difference at all, its like it matched first time and that's it... yet pipe shows different output su-4.2# ipfw show | grep 'pipe 3' && ipfw pipe show 3 03128 37483 71276160 pipe 3 tcp from any 3128 to any uid root 00003: 1.000 Mbit/s 0 ms 50 sl. 4 queues (64 buckets) droptail mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0c38 BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte= Drp 0 ip 0.0.0.0/0 0.0.0.0/1056 16 2383 0 0 = 0 16 ip 0.0.0.0/0 0.0.0.0/1032 8 9398 0 0 = 0 32 ip 0.0.0.0/0 0.0.0.0/2096 41 43167 0 0 = 0 48 ip 0.0.0.0/0 0.0.0.0/56 2 7074 0 0 = 0 su-4.2# !! ipfw show | grep 'pipe 3' && ipfw pipe show 3 03128 39285 74616912 pipe 3 tcp from any 3128 to any uid root 00003: 1.000 Mbit/s 0 ms 50 sl. 4 queues (64 buckets) droptail mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0c38 BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte= Drp 0 ip 0.0.0.0/0 0.0.0.0/1056 19 20651 0 0 = 0 16 ip 0.0.0.0/0 0.0.0.0/1064 36 41781 0 0 = 0 32 ip 0.0.0.0/0 0.0.0.0/1072 43 53920 0 0 = 0 48 ip 0.0.0.0/0 0.0.0.0/2104 3 595 0 0 = 0 su-4.2# why is it seeing source ip/port as 0/0 and dest 0/? i dont understand that at all On Sun, Sep 11, 2011 at 7:06 PM, Michael Sierchio wrot= e: > On Sun, Sep 11, 2011 at 3:38 PM, alexus wrote: >> thanks, but did u actually tried it? > > If what you're asking is, "does traffic shaping work?" =C2=A0the answer i= s > yes. =C2=A0There are some provisos - you must create an outbound pipe and > an inbound pipe that accurately reflect the observed network > performance (not what your ISP told you). =C2=A0This is because when you > create queues of different weights, the weights are only imposed when > one or more queues are full. > > See http://info.iet.unipi.it/~luigi/dummynet/ > > The place to start is to find out what kind of upload and download > throughput you get, then create pipes that are 95% of those observed > values (one up, one down), then instantiate queues with different > weights on each pipe, then create rules that match packets according > to which pipe they should go in. =C2=A0Also consider that the sysctl > variable, net.inet.ip.fw.one_pass, might need to be 0 and not 1, > depending on whether queued packets need further processing. > --=20 http://alexus.org/