From owner-freebsd-net@FreeBSD.ORG Mon Jan 29 05:36:04 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 8A23D16A400 for ; Mon, 29 Jan 2007 05:36:04 +0000 (UTC) (envelope-from aronesimi@yahoo.com) Received: from web58605.mail.re3.yahoo.com (web58605.mail.re3.yahoo.com [68.142.236.203]) by mx1.freebsd.org (Postfix) with SMTP id 50CE513C442 for ; Mon, 29 Jan 2007 05:36:04 +0000 (UTC) (envelope-from aronesimi@yahoo.com) Received: (qmail 66545 invoked by uid 60001); 29 Jan 2007 05:09:22 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Received:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; b=vduOhf/SImFOcPKt0o3l9ePlOA9ABG8pjnMukDnOLkh/UecCEb24B9GIuqIlhwWtur18GBn2gh1/7Q7pJcAvTSRDr+vgC/mj647fcneTMIZ35CIQg5UC2n4FiuAVA7gUCeN1zgL3vKtTKYQy2ZBY4AbZc4/dI1BiiQRWns/xqRU=; Received: from [75.72.230.91] by web58605.mail.re3.yahoo.com via HTTP; Sun, 28 Jan 2007 21:09:22 PST Date: Sun, 28 Jan 2007 21:09:22 -0800 (PST) From: Arone Silimantia To: freebsd-net@freebsd.org MIME-Version: 1.0 Message-ID: <464814.62688.qm@web58605.mail.re3.yahoo.com> X-Mailman-Approved-At: Mon, 29 Jan 2007 12:26:33 +0000 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: ipfw pipe show ... help with output is needed, please. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 29 Jan 2007 05:36:04 -0000 I set up a dummynet pipe with this sequence of commands: sysctl -w net.inet.ip.fw.one_pass=0 ipfw pipe 1 config bw 16Mbit/s ipfw add 10000 pipe 1 all from any to any So far so good. Works great. However, when I look at the pipe itself, with this command: ipfw pipe show 1 I see this: # ipfw pipe show 1 00001: 16.000 Mbit/s 0 ms 50 sl. 1 queues (1 buckets) droptail mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp 0 tcp 1.2.3.4/22 1.2.3.4/4333 2970975653 2649647615805 2 2992 10414733 I would like to clarify a few things... First, the ipfw pipe creation command I ran is not (as far as I can tell) TCP specific, and further, my ipfw rule says "any to any" - but when I look at the pipe, it has a protocol specified (TCP) and further, has a port number (22). I want to throttle ALL IP traffic, not just TCP, and certainly not just port 22. What am I doing wrong ? Second, there are seven headings (from BKT at the left to Drp on the right) but underneath those seven headings are _9_ values. What I really want to know is how many packets I am droppinig ... but I can't tell which of the fields are the "dropped" - I assume it is the final number .. if so, what is that measured in ? Packets ? Finally, why am I dropping any packets ? My total traffic is 5-7 Mbits/s on average ... I don't see why I would be dropping any packets at all ... are they being dropped because the system can't keep up, or are they being dropped because I am hitting the throttle limit and it drops everything above that ? Many thanks. --------------------------------- Finding fabulous fares is fun. Let Yahoo! FareChase search your favorite travel sites to find flight and hotel bargains. --------------------------------- Never miss an email again! Yahoo! Toolbar alerts you the instant new Mail arrives. Check it out.