Date: Mon, 01 May 2006 20:48:51 -0700 From: Julian Elischer <julian@elischer.org> To: Julian Elischer <julian@elischer.org> Cc: Lee Johnston <lee@wildcard.net.uk>, freebsd-net@freebsd.org, mihai@duras.ro Subject: Re: Packet loss with traffic shaper and routing Message-ID: <4456D6A3.8080503@elischer.org> In-Reply-To: <4456D553.30202@elischer.org> References: <49594.200.230.201.250.1146063341.squirrel@www.widemail.com.br> <444F8E89.2050905@wildcard.net.uk> <56286.200.230.201.250.1146067775.squirrel@www.widemail.com.br> <1146073590.1089.80.camel@sky.mediasat.ro> <59615.200.230.201.250.1146083577.squirrel@www.widemail.com.br> <445038CA.2050008@pacific.net.sg> <4456AD8E.2060703@widesoft.com.br> <4456B415.3080901@elischer.org> <4456BF4A.7050107@widesoft.com.br> <4456D19F.7030101@elischer.org> <4456D553.30202@elischer.org>
next in thread | previous in thread | raw e-mail | index | archive | help
oops, forgot to fix my cut-n- pastes.. corrected triage below.. Julian Elischer wrote: > Julian Elischer wrote: > >> tpeixoto@widesoft.com.br wrote: >> >>>> That would do it.. >>>> >>>> In all versions of FreeBSD >>>> you can use the skipto rule to make sure that only a few rules are >>>> run for any >>>> address. Use it to to a binary search for the right pipe.' >>>> carefully using 'skipto' and 'table' can make it efficient to do >>>> very complex >>>> filters like that. >>>> >>> >>> Sorry, but I didn't realized how to use that as we have to shape >>> each user individually, i.e., each MAC address on the LAN has its >>> own download and upload speeds. >>> >>> Could you clarify how to improve the situation with the tools you >>> mentioned? >> >> >> >> >> >> Assuming you can not use "tablearg" yet (it will make this REALLY EASY) >> then if you have 30 IPs you want to shape from 1.1.1.1 to 1.1.1.30 > > > > > then, consider the following example using IP addresses. > >> >> >> > ipfw add 1000 skipto 1110 ip from any to 1.1.1.16/28 > ipfw add 1010 skipto 1032 ip from any to 1.1.1.8/29 > ipfw add 1012 skipto 1021 ip from any to 1.1.1.4./30 > ipfw add 1013 [anything] ip from any to 1.1.1.0 > ipfw add 1014 [anything] ip from any to 1.1.1.1 > ipfw add 1015 [anything] ip from any to 1.1.1.2 > ipfw add 1016 [anything] ip from any to 1.1.1.3 > > > ipfw add 1021 anything] ip from any to 1.1.1.4 > ipfw add 1022 [anything] ip from any to 1.1.1.5 > ipfw add 1023 [anything] ip from any to 1.1.1.6 > ipfw add 1024 [anything] ip from any to 1.1.1.7 > > > ipfw add 1032 skipto 1051 ip from any to 1.1.1.12./30 > > ipfw add 1040 [anything] ip from any to 1.1.1.8 > ipfw add 1041 [anything] ip from any to 1.1.1.9 > ipfw add 1042 [anything] ip from any to 1.1.1.10 > ipfw add 1043 [anything] ip from any to 1.1.1.11 > > > ipfw add 1051 [anything] ip from any to 1.1.1.12 > ipfw add 1052 [anything] ip from any to 1.1.1.13 > ipfw add 1053 [anything] ip from any to 1.1.1.14 > ipfw add 1054 [anything] ip from any to 1.1.1.15 > > > ipfw add 1110 skipto 1132 ip from any to 1.1.1.24/29 > ipfw add 1112 skipto 1121 ip from any to 1.1.1.20./30 > ipfw add 1113 [anything] ip from any to 1.1.1.16 > ipfw add 1114 [anything] ip from any to 1.1.1.17 > ipfw add 1115 [anything] ip from any to 1.1.1.18 > ipfw add 1116 [anything] ip from any to 1.1.1.19 > > > ipfw add 1121 anything] ip from any to 1.1.1.20 > ipfw add 1122 [anything] ip from any to 1.1.1.21 > ipfw add 1123 [anything] ip from any to 1.1.1.22 > ipfw add 1124 [anything] ip from any to 1.1.1.23 > > > ipfw add 1132 skipto 1151 ip from any to 1.1.1.28./30 > > ipfw add 1140 [anything] ip from any to 1.1.1.24 > ipfw add 1141 [anything] ip from any to 1.1.1.25 > ipfw add 1142 [anything] ip from any to 1.1.1.26 > ipfw add 1143 [anything] ip from any to 1.1.1.27 > > > ipfw add 1151 [anything] ip from any to 1.1.1.28 > ipfw add 1152 [anything] ip from any to 1.1.1.29 > ipfw add 1153 [anything] ip from any to 1.1.1.30 > ipfw add 1154 [anything] ip from any to 1.1.1.31 > > > > > > now this example shows a binary search in IP space, written (including > bugs) by hand > but if you are willing to write a suitable perl script, you can > generate a binary search in MAC address space > just as easily. just sort them into order and search.. > > I'm not going to try it by had, but for 1600 hosts you should only > need to go through > 15 rules per host on average, instead of 1600 rules per host. > that should cut down your ipfw cpu usage by 1/100 > > > >> >> freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4456D6A3.8080503>