Latency problem with traffic shaping

James haesu at towardex.com
Tue Mar 16 18:19:22 PST 2004 

	ohhh... you are concerned about simple 1ms difference due to
	granuality (sp) in 35 meg pipe, right?

	this is a simple problem to fix:

	ipfw add 1 allow icmp from any to any icmptypes 11,0,8
	ipfw add 1 allow udp from any to any 33434-33534
	< then insert your pipe rules >

	and also, you realize that you are putting people on vlan3
	to a half duplex pipe right? 

-J

On Sat, Mar 06, 2004 at 07:29:05PM +0100, Nicolas DEFFAYET wrote:
> Hello,
> 
> I have latency problem when i do traffic shaping with ipfw:
> 
> $ ping -c 10 xxx.xxx.xx1.2
> PING xxx.xxx.xx1.2 (xxx.xxx.xx1.2): 56 data bytes
> 64 bytes from xxx.xxx.xx1.2: icmp_seq=0 ttl=64 time=1.037 ms
> 64 bytes from xxx.xxx.xx1.2: icmp_seq=1 ttl=64 time=1.951 ms
> 64 bytes from xxx.xxx.xx1.2: icmp_seq=2 ttl=64 time=1.924 ms
> 64 bytes from xxx.xxx.xx1.2: icmp_seq=3 ttl=64 time=1.852 ms
> 64 bytes from xxx.xxx.xx1.2: icmp_seq=4 ttl=64 time=2.779 ms
> 64 bytes from xxx.xxx.xx1.2: icmp_seq=5 ttl=64 time=1.982 ms
> 64 bytes from xxx.xxx.xx1.2: icmp_seq=6 ttl=64 time=1.778 ms
> 64 bytes from xxx.xxx.xx1.2: icmp_seq=7 ttl=64 time=1.866 ms
> 64 bytes from xxx.xxx.xx1.2: icmp_seq=8 ttl=64 time=1.777 ms
> 64 bytes from xxx.xxx.xx1.2: icmp_seq=9 ttl=64 time=1.876 ms
> 
> --- xxx.xxx.xx1.2 ping statistics ---
> 10 packets transmitted, 10 packets received, 0% packet loss
> round-trip min/avg/max/stddev = 1.037/1.882/2.779/0.395 ms
> 
> Current maximum traffic is 6 Mbit/s, shapping is at 35 Mbit/s.
> 
> 
> I use a vlan interface but i have same problem with a physical
> interface:
> 
> $ ifconfig vlan3
> vlan3: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
>         inet xxx.xxx.xx1.1 netmask 0xfffffffc broadcast xxx.xxx.xx1.3
> <cut>
> 
> 
> I use very simple rules:
> 
> # ipfw sh
> 03000  195958827   88359539155 pipe 1 ip from any to any out via vlan3
> 03000  145717180   37638278479 pipe 1 ip from any to any in via vlan3
> 65535 7732545351 2700054229295 allow ip from any to any
> 
> # ipfw pipe sh
> 00001:  35.000 Mbit/s    0 ms   50 sl. 1 queues (1 buckets) droptail
>     mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000
> BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes
> Pkt/Byte Drp
>   0 igmp  xxx.xxx.xx1.1/0           224.0.0.5/0     341678025
> 125998357178  0    0 295
> 
> 
> If the rule 3000 of ipfw is deleted, latency is good and normal; but i
> don't have shaping:
> 
> $ ping -c 10 xxx.xxx.xx1.2
> PING xxx.xxx.xx1.2 (xxx.xxx.xx1.2): 56 data bytes
> 64 bytes from xxx.xxx.xx1.2: icmp_seq=0 ttl=64 time=0.375 ms
> 64 bytes from xxx.xxx.xx1.2: icmp_seq=1 ttl=64 time=0.219 ms
> 64 bytes from xxx.xxx.xx1.2: icmp_seq=2 ttl=64 time=0.251 ms
> 64 bytes from xxx.xxx.xx1.2: icmp_seq=3 ttl=64 time=0.281 ms
> 64 bytes from xxx.xxx.xx1.2: icmp_seq=4 ttl=64 time=0.290 ms
> 64 bytes from xxx.xxx.xx1.2: icmp_seq=5 ttl=64 time=0.308 ms
> 64 bytes from xxx.xxx.xx1.2: icmp_seq=6 ttl=64 time=0.380 ms
> 64 bytes from xxx.xxx.xx1.2: icmp_seq=7 ttl=64 time=0.254 ms
> 64 bytes from xxx.xxx.xx1.2: icmp_seq=8 ttl=64 time=0.227 ms
> 64 bytes from xxx.xxx.xx1.2: icmp_seq=9 ttl=64 time=0.227 ms
> 
> --- xxx.xxx.xx1.2 ping statistics ---
> 10 packets transmitted, 10 packets received, 0% packet loss
> round-trip min/avg/max/stddev = 0.219/0.281/0.380/0.055 ms
> 
> 
> I don't have the problem with FreeBSD 5.0-RELEASE.
> I have the problem with FreeBSD 5.1-RELEASE, FreeBSD 5.2-RELEASE,
> FreeBSD 5.2.1-RELEASE.
> 
> I use a custom kernel with:
> 
> options         IPFIREWALL              #firewall
> options         IPFIREWALL_VERBOSE      #enable logging to syslogd(8)
> options         IPFIREWALL_FORWARD      #enable transparent proxy
> support
> options         IPFIREWALL_VERBOSE_LIMIT=100    #limit verbosity
> options         IPFIREWALL_DEFAULT_TO_ACCEPT    #allow everything by
> default
> options         IPV6FIREWALL            #firewall for IPv6
> options         IPV6FIREWALL_VERBOSE
> options         IPV6FIREWALL_VERBOSE_LIMIT=100
> options         IPV6FIREWALL_DEFAULT_TO_ACCEPT
> options         IPDIVERT                #divert sockets
> options         DUMMYNET
> options         BRIDGE
> 
> 
> How fix this latency problem ?
> 
> 
> Thanks
> 
> Best regards,
> 
> -- 
> Nicolas DEFFAYET, NDSoftware
> NDSoftware IP Network: http://www.ip.ndsoftware.net/
> FNIX6 (French National Internet Exchange IPv6): http://www.fnix6.net/
> 
> _______________________________________________
> freebsd-ipfw at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
> To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe at freebsd.org"

-- 
James Jun                                            TowardEX Technologies, Inc.
Technical Lead                        Network Design, Consulting, IT Outsourcing
james at towardex.com                  Boston-based Colocation & Bandwidth Services
cell: 1(978)-394-2867           web: http://www.towardex.com , noc: www.twdx.net

More information about the freebsd-ipfw mailing list