From owner-freebsd-questions@FreeBSD.ORG Mon Nov 17 16:03:53 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B616616A4CE for ; Mon, 17 Nov 2003 16:03:53 -0800 (PST) Received: from wingerboy.noc.sonic.net (wingerboy.noc.sonic.net [64.142.18.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id C7E8343FF3 for ; Mon, 17 Nov 2003 16:03:52 -0800 (PST) (envelope-from kgc@sonic.net) Received: from wingerboy.noc.sonic.net (localhost [127.0.0.1]) hAI03qQx091722 for ; Mon, 17 Nov 2003 16:03:52 -0800 (PST) (envelope-from kgc@wingerboy.noc.sonic.net) Received: (from kgc@localhost) by wingerboy.noc.sonic.net (8.12.9p1/8.12.9/Submit) id hAI03qT6091721 for freebsd-questions@freebsd.org; Mon, 17 Nov 2003 16:03:52 -0800 (PST) Date: Mon, 17 Nov 2003 16:03:52 -0800 From: Kelsey Cummings To: freebsd-questions@freebsd.org Message-ID: <20031118000352.GW41189@sonic.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.1i X-PGP-Key: http://sonic.net/~kgc/gpgkey.txt Subject: ipfw dummynet bandwidth limiting questions X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Nov 2003 00:03:53 -0000 I've had some trouble getting ipfw to behave as expected. I've got a ipfw box sitting as a firewall and traffic shaper in bridge mode. It's working great for the most part but I'm having trouble getting some specific behavior to work right. I'm currently limiting all outbound streams to 1.5mbits, and this works great. However, I'd also like to setup an overall cap for all traffic to run at 25mbits. I can only get one or the other of these rule/pipe combos to take affect at any given time. I must be missing something obvious: The rules in questions are as follows: add 420 pipe 420 tcp from $slb_www 80 to any pipe 420 config bw 1500Kbit/s queue 35 mask dst-ip 0xffffffff buckets 1024 add 440 pipe 440 tcp from $slb_www 80 to any pipe 440 config bw 25Mbit/s queue 100 'ipfw show' shows zero hits on rule 440, it sure seems like it should work. Also, is it possible to increase the hash table size beyond 1024? Practically speaking, does anyone have any experience doing trafic shapping at gige rates? The property behind this box is growing rapidly and we expect to saturate fe in a few month. I'd appreciate if you could cc me in response. -- Kelsey Cummings - kgc@sonic.net sonic.net, inc. System Administrator 2260 Apollo Way 707.522.1000 (Voice) Santa Rosa, CA 95407 707.547.2199 (Fax) http://www.sonic.net/ Fingerprint = D5F9 667F 5D32 7347 0B79 8DB7 2B42 86B6 4E2C 3896