From owner-freebsd-security@FreeBSD.ORG  Wed May  7 06:55:52 2003
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id EE35D37B401
	for <freebsd-security@freebsd.org>;
	Wed,  7 May 2003 06:55:52 -0700 (PDT)
Received: from host185.dolanmedia.com (host185.dolanmedia.com
	[209.98.197.185])
	by mx1.FreeBSD.org (Postfix) with SMTP id CDA6143F75
	for <freebsd-security@freebsd.org>;
	Wed,  7 May 2003 06:55:50 -0700 (PDT)
	(envelope-from greg.panula@dolaninformation.com)
Received: (qmail 61776 invoked by uid 0); 7 May 2003 13:55:50 -0000
Received: from greg.panula@dolaninformation.com by proxy by uid 82 with
	qmail-scanner-1.15  ( Clear:. 
	Processed in 2.735137 secs); 07 May 2003 13:55:50 -0000
X-Qmail-Scanner-Mail-From: greg.panula@dolaninformation.com via proxy
X-Qmail-Scanner-Rcpt-To: chris@xecu.net,freebsd-security@freebsd.org
X-Qmail-Scanner: 1.15 (Clear:. Processed in 2.735137 secs)
Received: from unknown (HELO mail.dolanmedia.com) (10.1.1.23)
  by host185.dolanmedia.com with SMTP; 7 May 2003 13:55:46 -0000
Received: from dolaninformation.com (10.1.1.135) by mail.dolanmedia.com
	(Worldmail 1.3.167); 7 May 2003 08:55:46 -0500
Sender: pang@FreeBSD.ORG
Message-ID: <3EB91062.22408FB8@dolaninformation.com>
Date: Wed, 07 May 2003 08:55:46 -0500
From: Greg Panula <greg.panula@dolaninformation.com>
Organization: Dolan Information Center Inc
X-Mailer: Mozilla 4.76 [en] (X11; U; Linux 2.2.12 i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Chris McGee <chris@xecu.net>
References: <Pine.BSF.4.44.0305070900170.96202-100000@thunder.xecu.net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
cc: freebsd-security@freebsd.org
Subject: Re: IPFW Bandwidth throttling?
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: greg.panula@dolaninformation.com
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 07 May 2003 13:55:53 -0000

Chris McGee wrote:
> 
> I am trying to limit outgoing SMTP traffic to about 14 Mbps and these are
> the IPFW rules I am using.
> 
>         ${fwcmd} add pipe 1 tcp from 192.168.0.0/24 to any 25 out via dc0
>         ${fwcmd} pipe 1 config bw 14Mbit/s
> 
> I've tried multiple tweaks to the pipe rule and I seem to be missing
> something.  I only get about half the bandwidth I specify.  Is this normal
> behavior?  Is there something wrong with the rule I'm running?
> 

The pipe config & pipe rule look correct.

Try 'ipfw pipe list' to confirm the pipe is configured for the correct
bandwidth and not dropping excessive amounts of packets.

Is dc0 configured for 100Mbps or 10Mbps?  7Mbps is close to the ceiling
for a 10Mbps link.

Are you sure you have ~2MBps worth of smtp traffic to pass when you're
watching?  If you increase the bandwidth on the pipe do you see more
than the ~7Mbps you're currently seeing?


good luck,
 greg