Packet loss with traffic shaper and routing
Julian Elischer
julian at elischer.org
Tue May 2 03:43:16 UTC 2006
Julian Elischer wrote:
> tpeixoto at widesoft.com.br wrote:
>
>>> That would do it..
>>>
>>> In all versions of FreeBSD
>>> you can use the skipto rule to make sure that only a few rules are
>>> run for any
>>> address. Use it to to a binary search for the right pipe.'
>>> carefully using 'skipto' and 'table' can make it efficient to do
>>> very complex
>>> filters like that.
>>>
>>
>> Sorry, but I didn't realized how to use that as we have to shape each
>> user individually, i.e., each MAC address on the LAN has its own
>> download and upload speeds.
>>
>> Could you clarify how to improve the situation with the tools you
>> mentioned?
>
>
>
>
> Assuming you can not use "tablearg" yet (it will make this REALLY EASY)
> then if you have 30 IPs you want to shape from 1.1.1.1 to 1.1.1.30
then, consider the following example using IP addresses.
>
>
>
ipfw add 1000 skipto 2000 ip from any to 1.1.1.16/28
ipfw add 1010 skipto 1020 ip from any to 1.1.1.8/29
ipfw add 1012 skipto 1016 ip from any to 1.1.1.4./30
ipfw add 1013 [anything] ip from any to 1.1.1.1
ipfw add 1014 [anything] ip from any to 1.1.1.2
ipfw add 1015 [anything] ip from any to 1.1.1.3
ipfw add 1021 anything] ip from any to 1.1.1.4
ipfw add 1022 [anything] ip from any to 1.1.1.5
ipfw add 1023 [anything] ip from any to 1.1.1.6
ipfw add 1024 [anything] ip from any to 1.1.1.7
ipfw add 1032 skipto 1051 ip from any to 1.1.1.12./30
ipfw add 1040 [anything] ip from any to 1.1.1.8
ipfw add 1041 [anything] ip from any to 1.1.1.9
ipfw add 1042 [anything] ip from any to 1.1.1.10
ipfw add 1043 [anything] ip from any to 1.1.1.11
ipfw add 1051 [anything] ip from any to 1.1.1.12
ipfw add 1052 [anything] ip from any to 1.1.1.13
ipfw add 1053 [anything] ip from any to 1.1.1.14
ipfw add 1054 [anything] ip from any to 1.1.1.15
ipfw add 1110 skipto 1132 ip from any to 1.1.1.24/29
ipfw add 1112 skipto 1121 ip from any to 1.1.1.20./30
ipfw add 1113 [anything] ip from any to 1.1.1.1
ipfw add 1114 [anything] ip from any to 1.1.1.2
ipfw add 1115 [anything] ip from any to 1.1.1.3
ipfw add 1121 anything] ip from any to 1.1.1.4
ipfw add 1122 [anything] ip from any to 1.1.1.5
ipfw add 1123 [anything] ip from any to 1.1.1.6
ipfw add 1124 [anything] ip from any to 1.1.1.7
ipfw add 1132 skipto 1151 ip from any to 1.1.1.28./30
ipfw add 1140 [anything] ip from any to 1.1.1.8
ipfw add 1141 [anything] ip from any to 1.1.1.9
ipfw add 1142 [anything] ip from any to 1.1.1.10
ipfw add 1143 [anything] ip from any to 1.1.1.11
ipfw add 1151 [anything] ip from any to 1.1.1.12
ipfw add 1152 [anything] ip from any to 1.1.1.13
ipfw add 1153 [anything] ip from any to 1.1.1.14
ipfw add 1154 [anything] ip from any to 1.1.1.15
now this example shows a binary search in IP space, written (including
bugs) by hand
but if you are willing to write a suitable perl script, you can generate
a binary search in MAC address space
just as easily. just sort them into order and search..
I'm not going to try it by had, but for 1600 hosts you should only need
to go through
15 rules per host on average, instead of 1600 rules per host.
that should cut down your ipfw cpu usage by 1/100
>
> freebsd.org"
More information about the freebsd-net
mailing list