From owner-freebsd-net@FreeBSD.ORG  Mon Jun 18 20:15:41 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 3B11F106567E
	for <freebsd-net@freebsd.org>; Mon, 18 Jun 2012 20:15:41 +0000 (UTC)
	(envelope-from luigi@onelab2.iet.unipi.it)
Received: from onelab2.iet.unipi.it (onelab2.iet.unipi.it [131.114.59.238])
	by mx1.freebsd.org (Postfix) with ESMTP id ED5E68FC16
	for <freebsd-net@freebsd.org>; Mon, 18 Jun 2012 20:15:40 +0000 (UTC)
Received: by onelab2.iet.unipi.it (Postfix, from userid 275)
	id 528A47302C; Mon, 18 Jun 2012 22:34:35 +0200 (CEST)
Date: Mon, 18 Jun 2012 22:34:35 +0200
From: Luigi Rizzo <rizzo@iet.unipi.it>
To: Randy Bush <randy@psg.com>
Message-ID: <20120618203435.GB32782@onelab2.iet.unipi.it>
References: <m2395sd0r6.wl%randy@psg.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <m2395sd0r6.wl%randy@psg.com>
User-Agent: Mutt/1.4.2.3i
Cc: freebsd-net <freebsd-net@freebsd.org>
Subject: Re: dummynet delay
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Jun 2012 20:15:41 -0000

On Tue, Jun 19, 2012 at 01:48:45AM +0900, Randy Bush wrote:
> add pipe 1 tcp from 147.28.2.129 to 147.28.2.133
> add pipe 2 tcp from 147.28.2.133 to 147.28.2.129
> pipe 1 config queue 50 delay 200ms
> pipe 2 config queue 50 delay 200ms
> 
> is a tcp packet from 147.28.2.129 to 147.28.2.133 delayed by 200ms or
> 400ms, 200 for each interface?

it depends on where the traffic source and destination are,
and on the configuration of the firewall.
See the ascii diagram near PACKET FLOW in the ipfw manpage,
reproduced below. Each [block] can potentially pass the
packet through a pipe.
For better control on the traffic flow, I'd suggest to
use the "in" and "out" keywords in ipfw rules so you
do not risk that through traffic on a router is
intercepted twice.



                  ^    to upper layers    V
                  |                       |
                  +----------->-----------+
                  ^                       V
            [ip(6)_input]           [ip(6)_output] net.inet(6).ip(6).fw.enable=1
                  |                       |
                  ^                       V
            [ether_demux]        [ether_output_frame]  net.link.ether.ipfw=1
                  |                       |
                  +-->--[bdg_forward]-->--+            net.link.bridge.ipfw=1
                  ^                       V
                  |      to devices       |

cheers
luigi