From owner-freebsd-net@FreeBSD.ORG Wed Oct 7 10:52:58 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D02D91065670; Wed, 7 Oct 2009 10:52:58 +0000 (UTC) (envelope-from rihad@mail.ru) Received: from mx71.mail.ru (mx71.mail.ru [94.100.176.85]) by mx1.freebsd.org (Postfix) with ESMTP id 8B0998FC1C; Wed, 7 Oct 2009 10:52:58 +0000 (UTC) Received: from [217.25.27.27] (port=39366 helo=[217.25.27.27]) by mx71.mail.ru with asmtp id 1MvU8e-0008eE-00; Wed, 07 Oct 2009 14:52:57 +0400 Message-ID: <4ACC7308.6070301@mail.ru> Date: Wed, 07 Oct 2009 15:52:56 +0500 From: rihad User-Agent: Mozilla-Thunderbird 2.0.0.22 (X11/20090706) MIME-Version: 1.0 To: Oleg Bulyzhin References: <4AC8A76B.3050502@mail.ru> <20091007085902.GA88982@lath.rinet.ru> <4ACC5E23.8090405@mail.ru> <20091007100503.GB88982@lath.rinet.ru> <4ACC6A7B.5050808@mail.ru> <20091007104525.GC88982@lath.rinet.ru> In-Reply-To: <20091007104525.GC88982@lath.rinet.ru> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Spam: Not detected X-Mras: Ok Cc: freebsd-net@freebsd.org Subject: Re: dummynet dropping too many packets X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 Oct 2009 10:52:58 -0000 Oleg Bulyzhin wrote: > On Wed, Oct 07, 2009 at 03:16:27PM +0500, rihad wrote: >> Oleg Bulyzhin wrote: >>> On Wed, Oct 07, 2009 at 02:23:47PM +0500, rihad wrote: >>> >>> Few questions: >>> 1) why are you not using fastforwarding? >>> 2) search_steps/searches ratio is not that good, are you using 'buckets' >>> keyword in your pipe configuration? >>> 3) you have net.inet.ip.fw.one_pass = 0, is it intended? >>> >> 1) and 3): the box does traffic accounting and shaping, so I need >> one_pass=0 to do both ngtee and pipes. > Still can not see any objection for not using fastforwarding, and usually > ipfw ruleset can be rearranged for using dummynet & netgraph with one_pass=1. You probably have some special sources of documentation ;-) According to man ipfw, both "netgraph/ngtee" and "pipe" decide the fate of the packet unless one_pass=0. Or do you mean sprinkling smart skiptos here and there? ;-) > Could you show your 'ipfw show' output? (hide ip addresses if you wish but > keep counters please). > Here it is, in its whole glory: 00100 10434423 1484891105 allow ip from any to any via lo0 00200 2 14 deny ip from any to 127.0.0.0/8 00300 1 4 deny ip from 127.0.0.0/8 to any 01000 3300039938 327603104711 allow ip from any to any in 01010 26214900 421138433 allow ip from me to any out 01020 5453857 46806278 allow icmp from any to any out 01030 3268289053 327224694165 ngtee 1 ip from any to any out 01040 18681181 1089636054 skipto 1100 ip from table(127) to any out recv bce0 xmit bce1 01060 777488848 76743392754 pipe tablearg ip from any to table(0) out recv bce0 xmit bce1 01070 776831109 76682499457 allow ip from any to table(0) out recv bce0 xmit bce1 01100 13102697 808411842 pipe tablearg ip from any to table(2) out 65535 662648946 66711487830 allow ip from any to any table(127) is static in nature and is under 100 entries. table(0) and table(2) have the same IP clients' addresses but different pipe IDs. >> 2) Hm, I'm not using "buckets", but rather >> net.inet.ip.dummynet.hash_size. It's at default, 64. I've tried setting >> net.inet.ip.dummynet.hash_size=65536 in sysctl.conf but somehow it was >> still 64 after reboot, so I left it at 64. Should I make it 128? 256? >> Does it matter that much? The load is at approx. 70-120 consumers per >> pipe, so I thought 64 bucket size was enough. > It depends on traffic pattern, try to increase it and watch > search_steps/searches ratio (~1.001 is good enough) > Hm, thanks, I'll try that.