From owner-freebsd-questions@FreeBSD.ORG Fri Feb 6 07:55:26 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8CEEB16A4CE for ; Fri, 6 Feb 2004 07:55:26 -0800 (PST) Received: from oahu.WURLDLINK.NET (oahu.wurldlink.net [66.193.144.7]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0B20C43D75 for ; Fri, 6 Feb 2004 07:54:13 -0800 (PST) (envelope-from vince@oahu.WURLDLINK.NET) Received: from oahu.WURLDLINK.NET (vince@localhost.WURLDLINK.NET [127.0.0.1]) by oahu.WURLDLINK.NET (8.12.9/8.12.9) with ESMTP id i16FreqQ070572; Fri, 6 Feb 2004 05:53:50 -1000 (HST) Received: from localhost (vince@localhost)i16FrdwE070569; Fri, 6 Feb 2004 05:53:39 -1000 (HST) Date: Fri, 6 Feb 2004 05:53:39 -1000 (HST) From: Vincent Poy To: Dan Pelleg In-Reply-To: Message-ID: <20040206054938.A8264-100000@oahu.WURLDLINK.NET> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: questions@FreeBSD.ORG Subject: Re: FreeBSD Traffic Shaping? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Feb 2004 15:55:26 -0000 On 6 Feb 2004, Dan Pelleg wrote: > Vincent Poy writes: > > > On 6 Feb 2004, Dan Pelleg wrote: > > > > > Vincent Poy writes: > > > > > > > Greetings all: > > > > > > > > I have a ADSL connection where the upstream pipe is smaller than > > > > the downstream with it at 1.5Mbps/384kbps now and will be upgrading to > > > > 6Mbps/608kbps soon. The issue I'm having is that whenever I upload, it > > > > fills the upstream to full capacity and the downstream would lag as the > > > > ACKs can't be send back in time. I was told that with traffic shaping or > > > > fair queue routing would solve this issue but I only have one NIC > > > > interface as I am running FreeBSD on a fully loaded notebook with a > > > > Pentium 4M-2.6Ghz CPU, 2GB RAM and 60GB 7200RPM HDD with a 10/100 3COM xl0 > > > > built in NIC. The problem is that I have 8 static IP's with my ISP so > > > > that the LAN IP's, x.x.x.224-.231 netmask 255.255.255.0 are all locally on > > > > the LAN so I want those to use the full speed of the connection without > > > > traffic shaping. The NIC also has the 192.168.x.x netmask 255.255.0.0 > > > > addresses for the local LAN as well so how do I setup traffic shaping in > > > > this scenario so that only traffic that actually uses x.x.x.1 from the > > > > x.x.x.224 IP that isn't local LAN traffic actually use traffic shaping or > > > > fair queue routing while LAN traffic will just use the full speed. I > > > > already have these options in the KERNEL config. > > > > > > > > options IPFIREWALL > > > > options IPDIVERT > > > > options DUMMYNET > > > > options BRIDGE > > > > > > > > Thanks for your help in advance! > > > > > > See ipfw(8). You can match rules by interface or address mask, so you don't > > > need to touch LAN traffic. > > > > That's the part I'm confused about. Since I only have one > > interface, I assume I have to do it by address mask but how would one > > define it as for example, > > > > 10.0.0.224-231 would not use the traffic shaper but 10.0.0.1-223 as well > > as 10.0.0.232-254 would? > > > > Whatever rule you have for shaping, you condition it on "from > 10.0.0.224/28" (or whatever the appropriate mask is). Or use the negation > of the condition and have a special case for non-capped traffic (so > internet traffic falls through to the next rule). That's the part where it becomes difficult since even though I have 8 IP's, it's still on a /24 mask so only the 8 IP's in that /24 are actually local. > > > Correct, the problem when you upload on an assymetric link has to do with > > > acknowledgment packets that downloading apps need to send back to the > > > remote server, and they have to wait in the upload queue (which is > > > saturated). You need to prioritize those. One way to do this is to filter > > > on small iplen. This has been discussed in the mailing lists in the past > > > (try the archive of the ipfw@ list). Just remember you can only shape > > > outbound packets (ie, leaving your computer). Doesn't matter if they're up > > > or down the DSL line, just that they go out (shaping incoming traffic makes > > > no sense). > > > > True. But when you have the shaping, do you actually set it to > > the speed of the line or do you set it to like 5% below the speed of the > > line and on the acknowledgement packets, does traffic shaping actually > > reserve some space for that to go back or does it just queue it a certain > > way? Thanks. > > You need to handle the ack packets specially in your rules, it will not > reserve bandwidth for them unless you tell it to. > > With ipfw, there are two ways to do this. Again I'm only talking about > packets leaving your computer and heading to the internet (so condition the > rules appropriately) > > 1. two pipes, one with static allocation (say 95% of bw, or whatever works > for you), other can have unlimited bw. Non-ack packets go to the capped > pipe, ack packets go to the other one. > > alternatively, > > 2. one pipe (unlimited bw), two queues in that pipe, one queue has a much > much higher weight. Non-ack packets go to one pipe (low weight), ack > packets to the other. This approach actually lets you use the entire > available bandwidth for either kind of traffic if there is no other demand > for it. It also frees you from having to specify the maximum bandwidth, > which can change when you, say, upgrade your DSL, or even take the laptop > to a wifi cafe. The second approach does seem to work better since basically, it prioritizes the ack portion. I guess ipfw is something I have to figure out. :) Cheers, Vince - vince@WURLDLINK.NET - Vice President ________ __ ____ Unix Networking Operations - FreeBSD-Real Unix for Free / / / / | / |[__ ] WurldLink Corporation / / / / | / | __] ] San Francisco - Honolulu - Hong Kong / / / / / |/ / | __] ] HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[____] Almighty1@IRC - oahu.DAL.NET Hawaii's DALnet IRC Network Server Admin