dummynet throughput problem
Håkon Granlund
hg at sircon.no
Thu Dec 7 04:51:32 PST 2006
Timofej Dod wrote:
> Hi,
>
> I got a firewall with ipfw + dummynet.
> system is:
> FreeBSD 6.1-RELEASE-p10
>
> table 1 contains 211 IP addresses.
>
> 00502 pipe 11 ip from any to table(1) out via rl0
> 00502 skipto 2000 ip from any to table(1)
>
> and with pipe configured
> ipfw -q pipe 11 config mask dst-ip 0xffffffff bw 256Kbit/s
>
> however everybody only getting half of it i.e. 128 Kbits.
> also net.inet.ip.fw.one_pass: 1 doesn't seem to work properly since
> counters show that skipto rule is being triggered and it should not with
> the one_pass activated.
> Any clues how to make it give the speed it is supposed to?
I'm absolutely no expert on this matter, but I think you have to define
where the packets are going. It's got something to do with DUMMYNET or
IPFW seeing the packet twice. You're probably looking for:
00502 pipe 11 ip from any to table(1) out xmit rl0
A similar rule for incoming would be:
pipe 12 ip from table(1) to any in recv rl0
--
Håkon Granlund
More information about the freebsd-net
mailing list