From owner-freebsd-net@FreeBSD.ORG Tue May 2 02:09:00 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4436316A400 for ; Tue, 2 May 2006 02:09:00 +0000 (UTC) (envelope-from tpeixoto@widesoft.com.br) Received: from srv1.netconsultoria.com.br (srv1.netconsultoria.com.br [200.230.201.252]) by mx1.FreeBSD.org (Postfix) with ESMTP id A112543D45 for ; Tue, 2 May 2006 02:08:56 +0000 (GMT) (envelope-from tpeixoto@widesoft.com.br) Received: from [192.168.0.1] (mailgw.netconsultoria.com.br [200.230.201.249]) by srv1.netconsultoria.com.br (8.13.6/8.13.3) with ESMTP id k4228g1l064282; Mon, 1 May 2006 23:08:43 -0300 (BRT) (envelope-from tpeixoto@widesoft.com.br) Message-ID: <4456BF4A.7050107@widesoft.com.br> Date: Mon, 01 May 2006 23:09:14 -0300 From: tpeixoto@widesoft.com.br User-Agent: Thunderbird 1.5.0.2 (Windows/20060308) MIME-Version: 1.0 To: Julian Elischer References: <49594.200.230.201.250.1146063341.squirrel@www.widemail.com.br> <444F8E89.2050905@wildcard.net.uk> <56286.200.230.201.250.1146067775.squirrel@www.widemail.com.br> <1146073590.1089.80.camel@sky.mediasat.ro> <59615.200.230.201.250.1146083577.squirrel@www.widemail.com.br> <445038CA.2050008@pacific.net.sg> <4456AD8E.2060703@widesoft.com.br> <4456B415.3080901@elischer.org> In-Reply-To: <4456B415.3080901@elischer.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: ClamAV 0.88.1/1431/Sun Apr 30 14:46:15 2006 on srv1.netconsultoria.com.br X-Virus-Status: Clean Cc: Lee Johnston , freebsd-net@freebsd.org, mihai@duras.ro Subject: Re: Packet loss with traffic shaper and routing X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 May 2006 02:09:00 -0000 Julian Elischer wrote: > tpeixoto@widesoft.com.br wrote: > >> Hello! >> >> Erich Dollansky wrote: >> >>> Hi, >>> >>> tpeixoto@widesoft.com.br wrote: >>> >>>> >>>> At this moment, I'm getting more than 50% interrupts and 20% packets >>>> lost. >>> >>> >>> you must have something very basic done the wrong way. >> >> > >> >> Hope so. So I can fix and learn from it! >> >> >>> I would suggest to upgrade that box to 6.1. >>> >> >> We tried 6.0-RELEASE. Please, keep reading... >> >> >>> You need then a systematic approach. >>> >>> Run the GENERIC kernel and see what happens there. >>> >> >> Ok, 15% interrupts. System worked fine. >> >> >>> Then take all out you believe you do not need and see what happens then. >>> >>> Finally, switch to SMP and start the fine tuning. >>> >> >> Kernel recompiled with SMP+IPFW+DUMMYNET and system running with >> firewall_type="OPEN". Low interrupts, great. >> >> As I inserted the bandwidth rules, the problem arose again! Interrupts >> getting at 80% and packets being lost. >> >> >>> Do not use HT as it should slow down the machine. >>> >> >> I switched it off but didn't notice any major difference. Anyway I >> left it disabled. >> >> >>> If even the first step fails, check the connections including the >>> network card if it is one. >>> >>> Erich >>> >> >> I guess we found where the problem is. IPFW and dummynet seems to be >> the ones to blame here, or the way we are using them. >> For each MAC address we want to shape, we use 2 pipes and 2 rules, 1 >> for download and 1 for upload. >> I believe the problem is that the number of clients (MAC addresses) >> grew from 200 to around 1600, and this means lots of pipes and lots of >> rules. >> >> Anyone knows a better way to get this job done? > > > for 1600 hosts are you runing 1600 rules? > No. For 1600 hosts we're running 3200 rules... (and also 3200 pipes). > That would do it.. > > In all versions of FreeBSD > you can use the skipto rule to make sure that only a few rules are run > for any > address. Use it to to a binary search for the right pipe.' > carefully using 'skipto' and 'table' can make it efficient to do very > complex > filters like that. > Sorry, but I didn't realized how to use that as we have to shape each user individually, i.e., each MAC address on the LAN has its own download and upload speeds. Could you clarify how to improve the situation with the tools you mentioned? Thanks. > > in 7.0 you can use the 'tablearg' operator to ensure that only 1 rule is > run per host . > I don't know if it is in 6.1.. > if not you may be able to simply apply the diffs. > > >> >> Thanks! >> _______________________________________________ >> freebsd-net@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-net >> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > >