Date: Thu, 07 Dec 2006 13:44:12 +0100 From: =?ISO-8859-1?Q?H=E5kon_Granlund?= <hg@sircon.no> To: Timofej Dod <hidden@4you.lt> Cc: freebsd-net@freebsd.org Subject: Re: dummynet throughput problem Message-ID: <45780C9C.1000907@sircon.no> In-Reply-To: <1895992105.20061206224504@4you.lt> References: <1895992105.20061206224504@4you.lt>
next in thread | previous in thread | raw e-mail | index | archive | help
Timofej Dod wrote: > Hi, > > I got a firewall with ipfw + dummynet. > system is: > FreeBSD 6.1-RELEASE-p10 > > table 1 contains 211 IP addresses. > > 00502 pipe 11 ip from any to table(1) out via rl0 > 00502 skipto 2000 ip from any to table(1) > > and with pipe configured > ipfw -q pipe 11 config mask dst-ip 0xffffffff bw 256Kbit/s > > however everybody only getting half of it i.e. 128 Kbits. > also net.inet.ip.fw.one_pass: 1 doesn't seem to work properly since > counters show that skipto rule is being triggered and it should not with > the one_pass activated. > Any clues how to make it give the speed it is supposed to? I'm absolutely no expert on this matter, but I think you have to define where the packets are going. It's got something to do with DUMMYNET or IPFW seeing the packet twice. You're probably looking for: 00502 pipe 11 ip from any to table(1) out xmit rl0 A similar rule for incoming would be: pipe 12 ip from table(1) to any in recv rl0 -- Håkon Granlund
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?45780C9C.1000907>