IPFW DUMMYNET: Several pipes after each other

Sebastian Mellmann sebastian.mellmann at net.t-labs.tu-berlin.de
Tue Jan 27 07:57:39 PST 2009 

Ian Smith wrote:

> That's a very good ipfw tutorial, given parts of it are a bit outdated
> (FreeBSD 4.x) but it covers a lot of useful background. I just skimmed
> lots of it now but nothing I read jarred, unlike the Handbook section.
>
>  > If I choose the default (50 packets) it means that it takes approx.
> 100ms
>  > (600kbits / 6144kbits) to fill the queue.
>  > So the question is: Which value to choose for the queue?
>
> It's going to depend on lots of things, your workload, upstream push ..
> you could start with more like the default and adjust as necessary?

Sounds like a good idea.
I'll just start with the default and see if works in my setup.

>  > > And you'll surely need a much larger queue for this pipe, at
> 100Mbit/s.
>  >
>  > As already asked above:
>  >
>  > How do I know the queue is large or small enough for my needs?
>
> I'm never sure, so tend to experiment.  How fast your hardware is and
> kern.hz setting could be significant factors, as could be TCP/UDP mix
> and other factors I know little about.  Reducing reported packet drops
> is about all I've used for a guide so far.  This one is a FreeBSd 4.8
> box, a 2.4GHz P4 doing little but being a filtering bridge between a
> 8192/384kbps ADSL link and nests of mostly XP boxes in 3 LAN groups:
>
> !ipfw pipe show | egrep 'tcp|bit'
> 00010: 256.000 Kbit/s    0 ms  30 KB 1 queues (1 buckets) droptail
>   0 tcp     192.168.0.23/1043     207.46.17.61/80    7196387 2897628161  0
>    0 9706
> 00020:   5.120 Mbit/s    0 ms  50 KB 1 queues (1 buckets) droptail
>   0 tcp     207.46.17.61/80       192.168.0.23/1043  9977802 12858014698
> 0    0 63260
>
> 00040:  96.000 Kbit/s    0 ms  20 KB 1 queues (1 buckets) droptail
>   0 tcp     192.168.0.45/1037    66.249.89.147/443   2315107 299340364  0
>   0 2086
> 00050:   1.536 Mbit/s    0 ms  40 KB 1 queues (1 buckets) droptail
>   0 tcp    66.249.89.147/443      192.168.0.45/1037  3279021 3802388928  0
>    0 22433
>
> 00060: 192.000 Kbit/s    0 ms  30 KB 1 queues (1 buckets) droptail
>   0 tcp     192.168.0.64/1032    207.46.106.36/1863  1847947 563209421  0
>   0 141
> 00070:   3.072 Mbit/s    0 ms  40 KB 1 queues (1 buckets) droptail
>   0 tcp    207.46.106.36/1863     192.168.0.64/1032  2438211 3075075035  0
>    0 4550
>
> It's nearly all streaming rather than more interactive traffic, so
> pipe latency isn't so much of a concern.  Anyway, I rarely actually
> catch any traffic still in-queue, which you can stare at for tuning.
>
> Also, that's aggregate traffic, not per IP as with your masks (which
> look maybe wider than necessary, 0x0000ffff covers a /16) so you may
> wind up with lots of separate queues sharing a pipe, which may look
> very different.  How many hosts, how much memory to spare for each?


Is there any chance to get the dropped packets for _each_ queue (e.g.
logged to a file for further investigation)?
Does ipfw provide something here?

I'm mainly doing experiments with different kinds of settings (bandwidth
limitations, variable delay, dropped packets probability etcpp.) and I
want to see how many packets are actually dropped by ipfw.


> HTH, Ian

Regards and thanks for the help so far,
Sebastian

More information about the freebsd-questions mailing list