From owner-freebsd-ipfw@FreeBSD.ORG  Fri Mar  6 10:45:46 2009
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
Delivered-To: freebsd-ipfw@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id A28D8106566C
	for <freebsd-ipfw@freebsd.org>; Fri,  6 Mar 2009 10:45:46 +0000 (UTC)
	(envelope-from sebastian.mellmann@net.t-labs.tu-berlin.de)
Received: from mail.net.t-labs.tu-berlin.de (mail.net.t-labs.tu-berlin.de
	[130.149.220.252])
	by mx1.freebsd.org (Postfix) with ESMTP id 60DC38FC08
	for <freebsd-ipfw@freebsd.org>; Fri,  6 Mar 2009 10:45:46 +0000 (UTC)
	(envelope-from sebastian.mellmann@net.t-labs.tu-berlin.de)
Received: from anubis.getmyip.com (anubis.getmyip.com [78.46.33.178])
	by mail.net.t-labs.tu-berlin.de (Postfix) with ESMTP id 5C21C700D496
	for <freebsd-ipfw@freebsd.org>; Fri,  6 Mar 2009 11:45:45 +0100 (CET)
Received: from 62.206.221.107 (SquirrelMail authenticated user smellmann)
	by anubis.getmyip.com with HTTP; Fri, 6 Mar 2009 11:45:45 +0100 (CET)
Message-ID: <5431.62.206.221.107.1236336345.squirrel@anubis.getmyip.com>
Date: Fri, 6 Mar 2009 11:45:45 +0100 (CET)
From: "Sebastian Mellmann" <sebastian.mellmann@net.t-labs.tu-berlin.de>
To: freebsd-ipfw@freebsd.org
User-Agent: SquirrelMail/1.4.9a
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
Subject: ipfw: Can't see other flows in pipe
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: sebastian.mellmann@net.t-labs.tu-berlin.de
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Mar 2009 10:45:47 -0000

Hi everyone!

I've got the following ipfw rules:


cmd="ipfw"
webclient_upload_bandwidth="1024kbit/s"
webclient_download_bandwidth="6144Kbit/s"
bottleneck_bandwidth="100Mbit/s"
client_rtt_delay=10
queue=50

client1_subnet="192.168.5.0/26"
server1_subnet="192.168.7.0/24"

$cmd pipe 100 config mask all bw $webclient_upload_bandwidth queue
queue_size delay $client_rtt_delay

$cmd pipe 200 config mask all bw $webclient_download_bandwidth queue
queue_size delay $client_rtt_delay

$cmd add pipe 100 all from $client1_subnet to $server1_subnet in recv $in_if

$cmd add pipe 200 all from $server1_subnet to $client1_subnet out xmit $in_if

$cmd pipe 500 config bw $bottleneck_bandwidth
$cmd add pipe 500 all from any to any via $in_if

$cmd pipe 510 config bw $bottleneck_bandwidth
$cmd add pipe 510 all from any to any via $out_if


For testing purposes I've got 4 concurrent downloads via scp from the
server1_subnet to the client1_subnet.

ipfw pipe show gives me the following:

00510: 100.000 Mbit/s    0 ms   50 sl. 1 queues (1 buckets) droptail
    mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000
BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes
Pkt/Byte Drp
  0 tcp      192.168.5.4/47753     192.168.7.1/22    610244 609078476  2
104   1
00100:   1.024 Mbit/s    0 ms   50 sl. 4 queues (64 buckets) droptail
    mask: 0xff 0xffffffff/0xffff -> 0xffffffff/0xffff
BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes
Pkt/Byte Drp
 18 tcp      192.168.5.4/47753     192.168.7.1/22    15067   820472  0
0   0
 29 tcp      192.168.5.1/59724     192.168.7.1/22    64519  3512539  0
0   0
 34 tcp      192.168.5.2/58805     192.168.7.1/22    64035  3481423  0
0   0
 54 tcp      192.168.5.3/40995     192.168.7.1/22    66705  3633640  0
0   0
00305: unlimited    0 ms   50 sl. 0 queues (1 buckets) droptail
00310: unlimited    0 ms   50 sl. 0 queues (1 buckets) droptail
00200:   6.144 Mbit/s    0 ms   50 sl. 4 queues (64 buckets) droptail
    mask: 0xff 0xffffffff/0xffff -> 0xffffffff/0xffff
BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes
Pkt/Byte Drp
  2 tcp      192.168.7.1/22        192.168.5.2/58805 121901 182399179 29
43124 234
 47 tcp      192.168.7.1/22        192.168.5.3/40995 126392 189093880 43
64124 241
 51 tcp      192.168.7.1/22        192.168.5.1/59724 122550 183349839 34
50624 251
 60 tcp      192.168.7.1/22        192.168.5.4/47753 28565 42735852  0
0  55
00315: unlimited    0 ms   50 sl. 0 queues (1 buckets) droptail
00500: 100.000 Mbit/s    0 ms   50 sl. 1 queues (1 buckets) droptail
    mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000
BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes
Pkt/Byte Drp
  0 tcp      192.168.5.4/47753     192.168.7.1/22    609337 607754332  2
1552   0
00300: unlimited    0 ms   50 sl. 0 queues (1 buckets) droptail


Why do I only see ONE connection inside the 500/510 pipe?
I thought I could see any connection going through that pipe.



Regards,
Sebastian


P.S.: Sorry for sending it on 'freebsd-questions' too, I've messed up my
address book :-(