Packet loss with traffic shaper and routing

Julian Elischer julian at elischer.org
Tue May 2 03:48:56 UTC 2006 

oops, forgot to fix my cut-n- pastes.. corrected triage below..


Julian Elischer wrote:

> Julian Elischer wrote:
>
>> tpeixoto at widesoft.com.br wrote:
>>
>>>> That would do it..
>>>>
>>>> In all versions of FreeBSD
>>>> you can use the skipto rule to make sure that only a few rules are 
>>>> run for any
>>>> address. Use it to to a binary search for the right pipe.'
>>>> carefully using 'skipto' and 'table' can make it efficient to do 
>>>> very complex
>>>> filters like that.
>>>>
>>>
>>> Sorry, but I didn't realized how to use that as we have to shape 
>>> each user individually, i.e., each MAC address on the LAN has its 
>>> own download and upload speeds.
>>>
>>> Could you clarify how to improve the situation with the tools you 
>>> mentioned?
>>
>>
>>
>>
>>
>> Assuming you can not use "tablearg" yet (it will make this REALLY EASY)
>> then if you have 30 IPs you want to shape from 1.1.1.1 to 1.1.1.30 
>
>
>
>
> then, consider the following example using IP addresses.
>
>>
>>
>>
> ipfw add 1000 skipto 1110 ip from any to 1.1.1.16/28
> ipfw add 1010 skipto 1032 ip from any to 1.1.1.8/29
> ipfw add 1012 skipto 1021 ip from any to 1.1.1.4./30 

> ipfw add 1013 [anything] ip from any to 1.1.1.0 

> ipfw add 1014 [anything] ip from any to 1.1.1.1
> ipfw add 1015 [anything] ip from any to 1.1.1.2
> ipfw add 1016 [anything] ip from any to 1.1.1.3
>
>
> ipfw add 1021 anything] ip from any to 1.1.1.4
> ipfw add 1022 [anything] ip from any to 1.1.1.5
> ipfw add 1023 [anything] ip from any to 1.1.1.6
> ipfw add 1024 [anything] ip from any to 1.1.1.7
>
>
> ipfw add 1032 skipto 1051 ip from any to 1.1.1.12./30
>
> ipfw add 1040 [anything] ip from any to 1.1.1.8
> ipfw add 1041 [anything] ip from any to 1.1.1.9
> ipfw add 1042 [anything] ip from any to 1.1.1.10
> ipfw add 1043 [anything] ip from any to 1.1.1.11
>
>
> ipfw add 1051 [anything] ip from any to 1.1.1.12
> ipfw add 1052 [anything] ip from any to 1.1.1.13
> ipfw add 1053 [anything] ip from any to 1.1.1.14
> ipfw add 1054 [anything] ip from any to 1.1.1.15
>
>
> ipfw add 1110 skipto 1132 ip from any to 1.1.1.24/29
> ipfw add 1112 skipto 1121 ip from any to 1.1.1.20./30
> ipfw add 1113 [anything] ip from any to 1.1.1.16
> ipfw add 1114 [anything] ip from any to 1.1.1.17
> ipfw add 1115 [anything] ip from any to 1.1.1.18

> ipfw add 1116 [anything] ip from any to 1.1.1.19

>
>
> ipfw add 1121 anything] ip from any to 1.1.1.20
> ipfw add 1122 [anything] ip from any to 1.1.1.21
> ipfw add 1123 [anything] ip from any to 1.1.1.22
> ipfw add 1124 [anything] ip from any to 1.1.1.23
>
>
> ipfw add 1132 skipto 1151 ip from any to 1.1.1.28./30
>
> ipfw add 1140 [anything] ip from any to 1.1.1.24
> ipfw add 1141 [anything] ip from any to 1.1.1.25
> ipfw add 1142 [anything] ip from any to 1.1.1.26
> ipfw add 1143 [anything] ip from any to 1.1.1.27
>
>
> ipfw add 1151 [anything] ip from any to 1.1.1.28
> ipfw add 1152 [anything] ip from any to 1.1.1.29
> ipfw add 1153 [anything] ip from any to 1.1.1.30
> ipfw add 1154 [anything] ip from any to 1.1.1.31
>
>
>
>
>
> now this example shows a binary search in IP space, written (including 
> bugs) by hand
> but if you are willing to write a suitable perl script, you can 
> generate a binary search in MAC address space
> just as easily. just sort them into order and search..
>
> I'm not going to try it by had, but for 1600 hosts you should only 
> need to go through
> 15 rules per host on average, instead of 1600 rules per host.
> that should cut down your ipfw cpu usage by 1/100
>
>
>
>>
>> freebsd.org"
>

More information about the freebsd-net mailing list