From owner-freebsd-net@FreeBSD.ORG Tue May 2 21:47:56 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E0A4F16A401 for ; Tue, 2 May 2006 21:47:55 +0000 (UTC) (envelope-from michael@gargantuan.com) Received: from phoenix.gargantuan.com (srv01.lak.lwxdatacom.net [24.73.171.238]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4469A43D45 for ; Tue, 2 May 2006 21:47:55 +0000 (GMT) (envelope-from michael@gargantuan.com) Received: by phoenix.gargantuan.com (Postfix, from userid 1001) id 2D219231; Tue, 2 May 2006 17:47:54 -0400 (EDT) Date: Tue, 2 May 2006 17:47:54 -0400 From: "Michael W. Oliver" To: tpeixoto@widesoft.com.br Message-ID: <20060502214754.GL11342@gargantuan.com> Mail-Followup-To: tpeixoto@widesoft.com.br, ferdinand.goldmann@jku.at, freebsd-net@freebsd.org References: <49594.200.230.201.250.1146063341.squirrel@www.widemail.com.br> <444F8E89.2050905@wildcard.net.uk> <56286.200.230.201.250.1146067775.squirrel@www.widemail.com.br> <1146073590.1089.80.camel@sky.mediasat.ro> <59615.200.230.201.250.1146083577.squirrel@www.widemail.com.br> <44506D87.1020808@jku.at> <4456B1E0.9040408@widesoft.com.br> <20060502040911.GG11342@gargantuan.com> <55494.200.230.201.250.1146590354.squirrel@www.widemail.com.br> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="mGCtrYeZ202LI9ZG" Content-Disposition: inline In-Reply-To: <55494.200.230.201.250.1146590354.squirrel@www.widemail.com.br> X-WWW-URL: http://michael.gargantuan.com X-GPG-PGP-Public-Key: http://michael.gargantuan.com/gnupg/pubkey.asc X-GPG-PGP-Fingerprint: 2694 0179 AE3F BFAE 0916 0BF5 B16B FBAB C5FA A3C9 X-Home-Phone: +1-863-816-8091 X-Mobile-Phone: +1-863-738-2334 X-Mailing-Address0: 8008 Apache Lane X-Mailing-Address1: Lakeland, FL X-Mailing-Address2: 33810-2172 X-Mailing-Address3: United States of America X-Guide-Questions: http://www.catb.org/~esr/faqs/smart-questions.html X-Guide-Netiquette: http://www.ietf.org/rfc/rfc1855.txt User-Agent: mutt-ng/devel-r774 (FreeBSD) Cc: freebsd-net@freebsd.org, ferdinand.goldmann@jku.at Subject: Re: Packet loss with traffic shaper and routing X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 May 2006 21:47:56 -0000 --mGCtrYeZ202LI9ZG Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2006-05-02T14:19:14-0300, tpeixoto@widesoft.com.br wrote: >> On 2006-05-01T22:12:00-0300, tpeixoto@widesoft.com.br wrote: >>> Please, take a look in my previous post. >>> I guess the problem lies with IPFW and dummynet. >>> How do you shape your clients? >>>=20 >>> Here we have (for each client): >>>=20 >>> ipfw pipe 1 config bw 512Kbit/s >>> ipfw pipe 2 config bw 512Kbit/s >>> ipfw add pipe 1 ip from any to any mac any 00:11:22:33:44:55 in >>> ipfw add pipe 2 ip from any to any mac 00:11:22:33:44:55 any out >>=20 >> I am no ipfw or dummynet expert, but I read some of your other posts and >> noticed that you are using 3200 rules and 3200 pipes, and are matching >> the mac address. Do you have to match the mac, or can you do this by IP >> address? According to the IPFW man page, if you specify a mask with >> your pipe configuration, you can match on every bit which would >> dynamically create the pipes based on the size of the parent pipe. I >> think it would be something like... >>=20 >> ipfw pipe 1 config bw 512kbit/s mask src-ip 0xffffffff >> ipfw pipe 2 config bw 512kbit/s mask dst-ip 0xffffffff >> ipfw add pipe 1 ip from any to any in >> ipfw add pipe 2 ip from any to any out >>=20 >> Like I said, I am no expert, but figured I would spew this to the list >> anyway. > > I see that. > But if I got this right, I cannot set up speeds individually. > We have different speeds for each host. >=B7 > Thanks for your time. Well, if my understanding is correct, you can think of each pipe config as a template to be used in the generation of dynamic pipes. So, for each speed/size of pipe you want, create two pipes, one with all-ones mask for src and the other with all-ones mask for dst... x=3D0 for each in 64 128 192 256 384 512 576 640; do x=3D$(($x+1)) ipfw pipe ${x} config bw ${each}kbit/s mask src-ip 0xffffffff x=3D$(($x+1)) ipfw pipe ${x} config bw ${each}kbit/s mask dst-ip 0xffffffff done so, for each speed you would have a pipe for in (src) and out (dst), and then you can just use the template instead of creating 3200 pipes. this doesn't really help your 'allow' rule situation, but I figured I would offer anyway. --=20 Mike Oliver, KI4OFU [see complete headers for contact information] --mGCtrYeZ202LI9ZG Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (FreeBSD) iD8DBQFEV9OJsWv7q8X6o8kRAslfAKCH0Oklt2vGXNP28eRobvHymFNW/ACdHIQ5 lNoD5yVMYShu7BpSOH1kSZU= =Nd7C -----END PGP SIGNATURE----- --mGCtrYeZ202LI9ZG--