From owner-freebsd-questions@FreeBSD.ORG Thu Feb 21 17:31:27 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4D77316A401 for ; Thu, 21 Feb 2008 17:31:27 +0000 (UTC) (envelope-from jflowers@ezo.net) Received: from mxgf1.ezo.net (mxgf1.ezo.net [12.156.78.18]) by mx1.freebsd.org (Postfix) with ESMTP id CB24013C45B for ; Thu, 21 Feb 2008 17:31:26 +0000 (UTC) (envelope-from jflowers@ezo.net) Received: from ezo.net (mbox.ezo.net [12.156.78.21]) by mxgf1.ezo.net (8.13.6/8.13.6) with ESMTP id m1LHVguG021453; Thu, 21 Feb 2008 12:31:45 -0500 (EST) (envelope-from jflowers@ezo.net) From: "Jim Flowers" To: Wojciech Puchar Date: Thu, 21 Feb 2008 12:34:22 -0500 Message-Id: <20080221171951.M86258@ezo.net> In-Reply-To: <20080221173851.D2250@wojtek.tensor.gdynia.pl> References: <20080221155416.M53150@ezo.net> <20080221173851.D2250@wojtek.tensor.gdynia.pl> X-Mailer: OpenWebMail 2.52 20060502 X-OriginatingIP: 65.25.65.37 (jflowers@ezo.net) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 X-MXSentry-MailScanner-Information: Please contact the ISP for more information X-MXSentry-MailScanner: Found to be clean X-MXSentry-MailScanner-SpamCheck: not spam, SpamAssassin (not cached, score=-2.567, required 5, autolearn=not spam, ALL_TRUSTED -1.80, AWL 1.75, BAYES_00 -2.60, TW_PF 0.08) X-MXSentry-MailScanner-From: jflowers@ezo.net X-Spam-Status: No Cc: freebsd-questions@freebsd.org Subject: Re: ipfw pipe show X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: jflowers@ezo.net List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Feb 2008 17:31:27 -0000 On Thu, 21 Feb 2008 17:53:55 +0100 (CET), Wojciech Puchar wrote > > answer but there is one thing that is still a puzzle. > > > > I have a pipe configured as: > > > > ipfw pipe 2 config bw 768Kbit/s queue 20Kbytes > > > > When I use `ipfw -s 4 pipe 2 show, one bucket is shown: > > > > 00002: 768.000 Kbit/s 0 ms 20 KB 1 queues (1 buckets) droptail > > mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 > > BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp > > 0 tcp 12.###.##.77/80 88.###.##.175/2200 10565 8421549 0 0 103 > > > > I understand that there is only one bucket but how are the source and > > destination ip addresses and ports chosen to be displayed from all that are > > yes. use queues through this pipe for implementing smart traffic > control > (best of a kind i must say). I'll get to queues eventually. Right now I precede this pipe with a pipe that reports overall statistics for tcp/udp/other and one that develops statistics and applies 128kbps bw limits on a per source host basis. All pipes are sequential. > > > > > While I'm at it this pipe has a 768 Kbps bw limit and is currently running at > > what kind of traffic is it? single or lots of tcp connections? looks > like a single connection Traffic is multiple simultaneous connections (outbound http from 20 to 30 webservers). > > > less than 250 Kbps. Why are packets still being dropped at the rate of about > > 1%, fairly consistently? > > turn off the pipe and check the traffic again. it looks like your > pipe is setup correctly. Yes, when I do this with an 8 sec delay to reading, I sometimes catch a dropped packet. Calculated bw is ~200kbps. After some minutes it goes to the 1% level and stays there. > > are other rules ok? Yes, everything seems to be consistent and counts match closely. It's not so much a problem but that I am curious. And, I still don't understand the significance of the ip addresses/ports shown in the single bucket pipe? Thanks for the response. -- Jim Flowers -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.