From owner-freebsd-stable@FreeBSD.ORG Tue Jun 3 14:38:06 2003 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EC54137B401 for ; Tue, 3 Jun 2003 14:38:06 -0700 (PDT) Received: from smtp-out.comcast.net (smtp-out.comcast.net [24.153.64.116]) by mx1.FreeBSD.org (Postfix) with ESMTP id 33EC443F93 for ; Tue, 3 Jun 2003 14:38:06 -0700 (PDT) (envelope-from mupi@mknet.org) Received: from c-67-161-243-229.client.comcast.net (c-67-161-243-229.client.comcast.net [67.161.243.229]) by mtaout04.icomcast.net (iPlanet Messaging Server 5.2 HotFix 1.16 (built May 14 2003)) with ESMTP id <0HFX004I9DAHOP@mtaout04.icomcast.net> for freebsd-stable@freebsd.org; Tue, 03 Jun 2003 17:35:06 -0400 (EDT) Date: Tue, 03 Jun 2003 15:35:08 -0600 From: Mike Porter In-reply-to: <1054583721.3edbaba959c81@webmail.ownij.com> To: bigtruck@ownij.com Message-id: <200306031535.15107.mupi@mknet.org> MIME-version: 1.0 Content-type: Text/Plain; charset=iso-8859-1 Content-transfer-encoding: 7BIT Content-disposition: inline Content-description: clearsigned data User-Agent: KMail/1.5 References: <1054583721.3edbaba959c81@webmail.ownij.com> cc: freebsd-stable@freebsd.org Subject: Re: 4.8-Stable DummyNet X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Jun 2003 21:38:07 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Monday 02 June 2003 01:55 pm, bigtruck@ownij.com wrote: > Hi. We just opened a gaming center and have chosen to run a FreeBsd box > for our firewall. IPFW is configured at it's very basic running natd > through rl0 and allowing any to any connections from the lan to the outer > world. Natd controls access to the lan. > > We have a 6.0 mb/s ADSL net connection for all the gaming clients to use, > however if a gamer starts downloading a file, that file takes precendence > and causes everyone's pings 'in-game' to sky rocket to unplayable levels. > I have done some reading on DummyNet which is attached at the hip with > IPFW, however I have been unsuccessful in getting it to work properly. > > I have done some research and found this site: > http://info.iet.unipi.it/~luigi/ip_dummynet/ > > After reading I became more confused than before. Should I share the link > as a whole to all 64 client machines OR should I set a fixed BW for all > client machines. Are there other websites out there that can help with > this? > > Also if and when I do find a working pipe/queue config do I put it before > the natd via rl0 command or after? Another consideration, from experience: rl is not a very good "inside" nic, at least if running with the old standby 8139 chip. I don't have direct experience with the 82xx family they are using these days, but with my 8139-based card, I could never, under windows, get a single download past 30KBps (but I could open 3 downloads before the performance started to fall off) (this is on a cable modem). Under BSD (4-stable in the days of 4.5 and 4.6) I couldn't get anything past 100Kbps. Using a machine with two realtek's as a gateway/router, I found I was brealy better than dialup on my local machines. Switching to a Netgear NIC (dc driver) vastly improved matters. When set for dc0=outside, rl0=inside, my LAN performance is about the same (indicating a bottleneck in rl0), however, my WAN performance is about 1/3 better (I can consistently get 130KBps+, and frequently exceed 200KBps; once in a while I can even get more than 300KBps, but due to the nature of cable, that is pretty rare.). Putting dc0 on "inside" duty more than doubles the performance of my LAN, without changing any network infrastructure. This tells me the rl8139 at least is optimized for use on asymetric connection, such as DSL or Cable, and is not really (even though it claims to support it) a full-duplex card. Spend a few dollars more, and get a better card, in other words. I guess that doesn't really help with dummynet, but it could explain some of the performance problem... mike -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+3RSRY30jZzkECLcRAo/GAJwJyRZfadU1ISrfluktUN2s/JqinwCfdC1w 9ucO194yP4ccqgLW4eg30Aw= =QTrN -----END PGP SIGNATURE-----