Packet loss with traffic shaper and routing
Julian Elischer
julian at elischer.org
Tue May 2 03:27:29 UTC 2006
tpeixoto at widesoft.com.br wrote:
>
> Julian Elischer wrote:
>
>> tpeixoto at widesoft.com.br wrote:
>>
>>> Hello!
>>>
>>> Erich Dollansky wrote:
>>>
>>>> Hi,
>>>>
>>>> tpeixoto at widesoft.com.br wrote:
>>>>
>>>>>
>>>>> At this moment, I'm getting more than 50% interrupts and 20%
>>>>> packets lost.
>>>>
>>>>
>>>>
>>>> you must have something very basic done the wrong way.
>>>
>>>
>>> >
>>>
>>> Hope so. So I can fix and learn from it!
>>>
>>>
>>>> I would suggest to upgrade that box to 6.1.
>>>>
>>>
>>> We tried 6.0-RELEASE. Please, keep reading...
>>>
>>>
>>>> You need then a systematic approach.
>>>>
>>>> Run the GENERIC kernel and see what happens there.
>>>>
>>>
>>> Ok, 15% interrupts. System worked fine.
>>>
>>>
>>>> Then take all out you believe you do not need and see what happens
>>>> then.
>>>>
>>>> Finally, switch to SMP and start the fine tuning.
>>>>
>>>
>>> Kernel recompiled with SMP+IPFW+DUMMYNET and system running with
>>> firewall_type="OPEN". Low interrupts, great.
>>>
>>> As I inserted the bandwidth rules, the problem arose again!
>>> Interrupts getting at 80% and packets being lost.
>>>
>>>
>>>> Do not use HT as it should slow down the machine.
>>>>
>>>
>>> I switched it off but didn't notice any major difference. Anyway I
>>> left it disabled.
>>>
>>>
>>>> If even the first step fails, check the connections including the
>>>> network card if it is one.
>>>>
>>>> Erich
>>>>
>>>
>>> I guess we found where the problem is. IPFW and dummynet seems to be
>>> the ones to blame here, or the way we are using them.
>>> For each MAC address we want to shape, we use 2 pipes and 2 rules, 1
>>> for download and 1 for upload.
>>> I believe the problem is that the number of clients (MAC addresses)
>>> grew from 200 to around 1600, and this means lots of pipes and lots
>>> of rules.
>>>
>>> Anyone knows a better way to get this job done?
>>
>>
>>
>> for 1600 hosts are you runing 1600 rules?
>>
>
> No. For 1600 hosts we're running 3200 rules... (and also 3200 pipes).
>
>
>> That would do it..
>>
>> In all versions of FreeBSD
>> you can use the skipto rule to make sure that only a few rules are
>> run for any
>> address. Use it to to a binary search for the right pipe.'
>> carefully using 'skipto' and 'table' can make it efficient to do very
>> complex
>> filters like that.
>>
>
> Sorry, but I didn't realized how to use that as we have to shape each
> user individually, i.e., each MAC address on the LAN has its own
> download and upload speeds.
>
> Could you clarify how to improve the situation with the tools you
> mentioned?
Assuming you can not use "tablearg" yet (it will make this REALLY EASY)
then if you have 30 IPs you want to shape from 1.1.1.1 to 1.1.1.30
then consider:
ipfw add 1000 skipto 2000 ip from any to 1.1.1.16/28
ipfw add 1010 skipto 1020 ip from any to 1.1.1.8/29
ipfw add 1012 skipto 1026 ip from any to 1.1.1.4./30
ipfw add 1013 [anything] ip from any to 1.1.1.1
ipfw add 1013 [anything] ip from any to 1.1.1.1
ipfw add 1013 [anything] ip from any to 1.1.1.1
ipfw add 1013 [anything] ip from any to 1.1.1.1
>
> Thanks.
>
>
>>
>> in 7.0 you can use the 'tablearg' operator to ensure that only 1 rule
>> is run per host .
>> I don't know if it is in 6.1..
>> if not you may be able to simply apply the diffs.
>>
>>
>>>
>>> Thanks!
>>> _______________________________________________
>>> freebsd-net at freebsd.org mailing list
>>> http://lists.freebsd.org/mailman/listinfo/freebsd-net
>>> To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
>>
>>
>>
More information about the freebsd-net
mailing list