Site Navigation

Date:      Wed, 13 Jun 2007 01:52:21 +0200
From:      Mark Martinec <Mark.Martinec@ijs.si>
To:        freebsd-ipfw@freebsd.org
Subject:   Re: ipfw, pipes, queues, weights and managing an Internet connection
Message-ID:  <200706130152.21686.Mark.Martinec@ijs.si>
In-Reply-To: <937e203f0706121610p51fb4a10r265c82bb8858468e@mail.gmail.com>
References:  <937e203f0706121610p51fb4a10r265c82bb8858468e@mail.gmail.com>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

Lubomir,

> ...could you please comment it a little because I'm
> relatively new to ipfw+dummynet and some of the lines seem *really* strange
> to me... I'm talking about the - iptos,proto,tcpflags, lowdelay and iplen
> commands.

Should be documented in the man page. Some comments are due anyway:

> > add 65001 queue 13 out iptos lowdelay iplen 0-250 xmit IF_EXT

The 'iptos lowdelay' short packets should cover protocols
like NTP or VoIP.

> > add 65002 queue 13 out proto udp src-port 12334   xmit IF_EXT

Port 12334 is my Skype magic port.

> > add 65003 queue 13 out proto udp iplen 0-250      xmit IF_EXT

Remaining short UPD packets, like DNS query/replies etc.

> > add 65004 queue 12 out proto udp                  xmit IF_EXT

> > add 65005 queue 12 out proto icmp                 xmit IF_EXT

I like pings to be responsive.

> > add 65006 queue 12 out proto tcp tcpflags ack iplen 0-80 xmit IF_EXT

ACK-only packets should have priority, otherwise traffic
in reverse direction is unnecessarily slowed down by traffic
in forward direction (and the other way around).

> > add 65007 queue 11 out proto tcp iplen 0-300      xmit IF_EXT

Interactive typing (remote emacs, console, ...)

> > add 65008 queue 11 out proto tcp src-port 80,88   xmit IF_EXT

Replies from my web server.

> > add 65009 queue 10 out proto tcp dst-port rsync   xmit IF_EXT

Backup has the lowest priority.

> Just one question - you're saying that it is possible to shape /delay,
> drop etc./ the packets so quickly so that when a pipe is fully utilized
> someone hits a queue with a higher weight /for example port 80 would be
> prioritized over p2p traffic/ it would be like as if the pipe was not used
> at all?

So it appears to me.  Running Skype along with reading mail and
running a nightly backup works fine.

  Mark

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200706130152.21686.Mark.Martinec>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact