Date: Wed, 24 Jan 2007 11:12:13 -0500 From: "Michael W. Oliver" <michael@gargantuan.com> To: Arone Silimantia <aronesimi@yahoo.com> Cc: freebsd-ipfw@freebsd.org Subject: Re: ipfw pipe show .... clarification, please ... Message-ID: <20070124161213.GB34537@gargantuan.com> In-Reply-To: <108951.34916.qm@web58610.mail.re3.yahoo.com> References: <108951.34916.qm@web58610.mail.re3.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 2007-01-23T16:37:13-0800, Arone Silimantia wrote:
>
> I set up a dummynet pipe with this sequence of commands:
>
> sysctl -w net.inet.ip.fw.one_pass=0
> ipfw pipe 1 config bw 16Mbit/s
> ipfw add 10000 pipe 1 all from any to any
>
> So far so good. Works great. However, when I look at the pipe
> itself, with this command:
>
> ipfw pipe show 1
>
> I see this:
>
> # ipfw pipe show 1
> 00001: 16.000 Mbit/s 0 ms 50 sl. 1 queues (1 buckets) droptail
> mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000
> BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp
> 0 tcp 1.2.3.4/22 1.2.3.4/4333 2970975653 2649647615805 2 2992 10414733
>
> I would like to clarify a few things...
>
> First, the ipfw pipe creation command I ran is not (as far as I can
> tell) TCP specific, and further, my ipfw rule says "any to any" - but
> when I look at the pipe, it has a protocol specified (TCP) and
> further, has a port number (22). I want to throttle ALL IP traffic,
> not just TCP, and certainly not just port 22.
>
> What am I doing wrong ?
I think what you are seeing is just the latest user of the rule, and it
happened to be that SSH connection. Since you are using an all-zeros
mask, all traffic will fall into the same bucket and as such you will
only see the latest flow/conversation/stream that used the rule. I
could be wrong here, and would like clarification if so.
> Second, there are seven headings (from BKT at the left to Drp on the
> right) but underneath those seven headings are _9_ values. What I
> really want to know is how many packets I am droppinig ... but I can't
> tell which of the fields are the "dropped" - I assume it is the final
> number .. if so, what is that measured in ? Packets ?
Yes, the drops are listed in number of packets, and what you are seeing
as nine fields is broken down as follows:
BKT
Prot
Source IP/port
Dest. IP/port
Tot_pkt
bytes
Pkt
Byte
Drp
The "Tot_pkt/bytes" and "Pkt/Byte" values are split, even though the
headings are not. Not very intuitive, and actually quite ugly. Again,
I am no expert and would like clarification if I am wrong.
Personally, if I could code at all, I would try to whip up a patch that
would do something like this....
00001: 16.000 Mbit/s 0 ms 50 sl. 1 queues (1 buckets) droptail
mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000
BKT 0
Prot: TCP
Source: 1.2.3.4(22)
Dest: 1.2.3.4(4333)
Total (pkts/bytes): 2970975653/2649647615805
Current (pkts/bytes): 2/2992
Drops: 10414733
> Finally, why am I dropping any packets ? My total traffic is 5-7
> Mbits/s on average ... I don't see why I would be dropping any packets
> at all ... are they being dropped because the system can't keep up, or
> are they being dropped because I am hitting the throttle limit and it
> drops everything above that ?
I think you are dropping packets because you are exceeding the pipe
bandwidth.
I am no expert on this stuff, just offering some possible answers to
your questions.
Have fun!
- --
Mike Oliver, KI4OFU
[see complete headers for contact information]
- ------------------------------------------------------------------------
If your email to me is rejected, it is likely a problem with the MTA on
your end, so please send the error report to me at mwoliver at gmail dot
com and I will investigate the issue. Thanks.
- ------------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (FreeBSD)
iD8DBQFFt4VdboLl4ADjAhARAlhZAJ0e8bOB7qmbrGixUdyXdiX/UGJx8gCgpU5h
kHA5fOsAia5iZo97ExtVXQ0=
=ybB5
-----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070124161213.GB34537>