Latency problem with traffic shaping
Nicolas DEFFAYET
nicolas.deffayet at ndsoftware.net
Sat Mar 6 10:29:07 PST 2004
Hello,
I have latency problem when i do traffic shaping with ipfw:
$ ping -c 10 xxx.xxx.xx1.2
PING xxx.xxx.xx1.2 (xxx.xxx.xx1.2): 56 data bytes
64 bytes from xxx.xxx.xx1.2: icmp_seq=0 ttl=64 time=1.037 ms
64 bytes from xxx.xxx.xx1.2: icmp_seq=1 ttl=64 time=1.951 ms
64 bytes from xxx.xxx.xx1.2: icmp_seq=2 ttl=64 time=1.924 ms
64 bytes from xxx.xxx.xx1.2: icmp_seq=3 ttl=64 time=1.852 ms
64 bytes from xxx.xxx.xx1.2: icmp_seq=4 ttl=64 time=2.779 ms
64 bytes from xxx.xxx.xx1.2: icmp_seq=5 ttl=64 time=1.982 ms
64 bytes from xxx.xxx.xx1.2: icmp_seq=6 ttl=64 time=1.778 ms
64 bytes from xxx.xxx.xx1.2: icmp_seq=7 ttl=64 time=1.866 ms
64 bytes from xxx.xxx.xx1.2: icmp_seq=8 ttl=64 time=1.777 ms
64 bytes from xxx.xxx.xx1.2: icmp_seq=9 ttl=64 time=1.876 ms
--- xxx.xxx.xx1.2 ping statistics ---
10 packets transmitted, 10 packets received, 0% packet loss
round-trip min/avg/max/stddev = 1.037/1.882/2.779/0.395 ms
Current maximum traffic is 6 Mbit/s, shapping is at 35 Mbit/s.
I use a vlan interface but i have same problem with a physical
interface:
$ ifconfig vlan3
vlan3: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet xxx.xxx.xx1.1 netmask 0xfffffffc broadcast xxx.xxx.xx1.3
<cut>
I use very simple rules:
# ipfw sh
03000 195958827 88359539155 pipe 1 ip from any to any out via vlan3
03000 145717180 37638278479 pipe 1 ip from any to any in via vlan3
65535 7732545351 2700054229295 allow ip from any to any
# ipfw pipe sh
00001: 35.000 Mbit/s 0 ms 50 sl. 1 queues (1 buckets) droptail
mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000
BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes
Pkt/Byte Drp
0 igmp xxx.xxx.xx1.1/0 224.0.0.5/0 341678025
125998357178 0 0 295
If the rule 3000 of ipfw is deleted, latency is good and normal; but i
don't have shaping:
$ ping -c 10 xxx.xxx.xx1.2
PING xxx.xxx.xx1.2 (xxx.xxx.xx1.2): 56 data bytes
64 bytes from xxx.xxx.xx1.2: icmp_seq=0 ttl=64 time=0.375 ms
64 bytes from xxx.xxx.xx1.2: icmp_seq=1 ttl=64 time=0.219 ms
64 bytes from xxx.xxx.xx1.2: icmp_seq=2 ttl=64 time=0.251 ms
64 bytes from xxx.xxx.xx1.2: icmp_seq=3 ttl=64 time=0.281 ms
64 bytes from xxx.xxx.xx1.2: icmp_seq=4 ttl=64 time=0.290 ms
64 bytes from xxx.xxx.xx1.2: icmp_seq=5 ttl=64 time=0.308 ms
64 bytes from xxx.xxx.xx1.2: icmp_seq=6 ttl=64 time=0.380 ms
64 bytes from xxx.xxx.xx1.2: icmp_seq=7 ttl=64 time=0.254 ms
64 bytes from xxx.xxx.xx1.2: icmp_seq=8 ttl=64 time=0.227 ms
64 bytes from xxx.xxx.xx1.2: icmp_seq=9 ttl=64 time=0.227 ms
--- xxx.xxx.xx1.2 ping statistics ---
10 packets transmitted, 10 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.219/0.281/0.380/0.055 ms
I don't have the problem with FreeBSD 5.0-RELEASE.
I have the problem with FreeBSD 5.1-RELEASE, FreeBSD 5.2-RELEASE,
FreeBSD 5.2.1-RELEASE.
I use a custom kernel with:
options IPFIREWALL #firewall
options IPFIREWALL_VERBOSE #enable logging to syslogd(8)
options IPFIREWALL_FORWARD #enable transparent proxy
support
options IPFIREWALL_VERBOSE_LIMIT=100 #limit verbosity
options IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by
default
options IPV6FIREWALL #firewall for IPv6
options IPV6FIREWALL_VERBOSE
options IPV6FIREWALL_VERBOSE_LIMIT=100
options IPV6FIREWALL_DEFAULT_TO_ACCEPT
options IPDIVERT #divert sockets
options DUMMYNET
options BRIDGE
How fix this latency problem ?
Thanks
Best regards,
--
Nicolas DEFFAYET, NDSoftware
NDSoftware IP Network: http://www.ip.ndsoftware.net/
FNIX6 (French National Internet Exchange IPv6): http://www.fnix6.net/
More information about the freebsd-ipfw
mailing list