Date: Sun, 2 Mar 2008 09:48:47 +1100 From: Peter Jeremy <peterjeremy@optushome.com.au> To: Juri Mianovich <juri_mian@yahoo.com> Cc: freebsd-net@freebsd.org Subject: Re: simple, adaptive bandwidth throttling with ipfw/dummynet ? Message-ID: <20080301224847.GU67687@server.vk2pj.dyndns.org> In-Reply-To: <754299.92112.qm@web45601.mail.sp1.yahoo.com> References: <754299.92112.qm@web45601.mail.sp1.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--AhhlLboLdkugWU4S
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Fri, Feb 29, 2008 at 02:28:04PM -0800, Juri Mianovich wrote:
>"after 30 minutes of maxed dummynet rule, add X mbps
>to the rule for every active TCP session, with a max
>ceiling of Y mbps"
>
>and:
>
>"after 30 minutes of less than max usage, subtract X
>mbps from the rule every Y minutes, with a minimum
>floor of Z"
>
>Make sense ?
It doesn't really make sense to me but it's your firewall and you are
free to implement whatever rules you like.
>If I wanted to do this myself with a shell script, is
>there any way to test a particular dummynet rule for
>its current "fill rate" - OR - a simple way to test if
>a particular dummynet rule is currently in enforcement
>?
The system doesn't maintain stats on the instantaneous "fill rate"
of pipes/queues. All it will report is total counts of traffic
through and in the pipe/queue. Since the format wasn't clear to
me from a quick read of the man page, the following is a breakdown
of the output, with added notes:
fwall# ipfw pipe list
00001: 6.400 Mbit/s 0 ms 50 sl. 1 queues (1 buckets) droptail
mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000
BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte=
Drp
0 tcp 192.168.123.200/56599 150.101.135.3/61455 122097 6353558 0 =
0 397
|----- dummynet accumulation bucket details -----|---- Totals ---|Queued=
|
'dummynet accumulation bucket details' is the details of the most recent
(I think) packet matching the specific bucket mask
'Totals' is total bytes and packets through that particular bucket
'Queued' refer to bytes and packets for that bucket currently queued
'Drp' is the number of packets dropped.
You would need to calculate a rate by periodically sampling the
counts. You can get a rough idea of if a particular dummynet rule is
restricting traffic flow by looking for non-zero queued counts (though
keep in mind that it is normal for a packet to occasionally be queued).
Assuming you have the TCP sessions spread across distinct buckets
(either with multiple pipes/queues or with masks to split them up), my
suggestion would be a perl script that regularly does 'ipfw pipe list'
or 'ipfw queue list' and use change_in_total_bytes/time to calculate
average throughput per session. Then use a leaky bucket on the
average throughput to trigger pipe/queue re-configurations as desired.
--=20
Peter Jeremy
Please excuse any delays as the result of my ISP's inability to implement
an MTA that is either RFC2821-compliant or matches their claimed behaviour.
--AhhlLboLdkugWU4S
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4 (FreeBSD)
iD8DBQFHyd1P/opHv/APuIcRAgo/AJ43YU/rwrVKEztwoV8tMpMZWLf+9ACggQ/T
hY52Y7GYc+KKqsGQVPW9/LU=
=N6xf
-----END PGP SIGNATURE-----
--AhhlLboLdkugWU4S--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080301224847.GU67687>