Packet loss with traffic shaper and routing

Michael W. Oliver michael at gargantuan.com
Tue May 2 21:47:56 UTC 2006 

On 2006-05-02T14:19:14-0300, tpeixoto at widesoft.com.br wrote:
>> On 2006-05-01T22:12:00-0300, tpeixoto at widesoft.com.br wrote:
>>> Please, take a look in my previous post.
>>> I guess the problem lies with IPFW and dummynet.
>>> How do you shape your clients?
>>> 
>>> Here we have (for each client):
>>> 
>>> ipfw pipe 1 config bw 512Kbit/s
>>> ipfw pipe 2 config bw 512Kbit/s
>>> ipfw add pipe 1 ip from any to any mac any 00:11:22:33:44:55 in
>>> ipfw add pipe 2 ip from any to any mac 00:11:22:33:44:55 any out
>> 
>> I am no ipfw or dummynet expert, but I read some of your other posts and
>> noticed that you are using 3200 rules and 3200 pipes, and are matching
>> the mac address.  Do you have to match the mac, or can you do this by IP
>> address?  According to the IPFW man page, if you specify a mask with
>> your pipe configuration, you can match on every bit which would
>> dynamically create the pipes based on the size of the parent pipe.  I
>> think it would be something like...
>> 
>> ipfw pipe 1 config bw 512kbit/s mask src-ip 0xffffffff
>> ipfw pipe 2 config bw 512kbit/s mask dst-ip 0xffffffff
>> ipfw add pipe 1 ip from any to any in
>> ipfw add pipe 2 ip from any to any out
>> 
>> Like I said, I am no expert, but figured I would spew this to the list
>> anyway.
>
> I see that.
> But if I got this right, I cannot set up speeds individually.
> We have different speeds for each host.
>·
> Thanks for your time.

Well, if my understanding is correct, you can think of each pipe config
as a template to be used in the generation of dynamic pipes.  So, for
each speed/size of pipe you want, create two pipes, one with all-ones
mask for src and the other with all-ones mask for dst...

x=0
for each in 64 128 192 256 384 512 576 640;
do
	x=$(($x+1))
	ipfw pipe ${x} config bw ${each}kbit/s mask src-ip 0xffffffff
	x=$(($x+1))
	ipfw pipe ${x} config bw ${each}kbit/s mask dst-ip 0xffffffff
done

so, for each speed you would have a pipe for in (src) and out (dst), and
then you can just use the template instead of creating 3200 pipes.  this
doesn't really help your 'allow' rule situation, but I figured I would
offer anyway.

-- 
Mike Oliver, KI4OFU
[see complete headers for contact information]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-net/attachments/20060502/9fa437f6/attachment.pgp

More information about the freebsd-net mailing list