AltQ + ng_iface

Daniel O'Connor doconnor at
Sat Jul 30 09:31:14 GMT 2005

On Friday 29 July 2005 12:35, Julian Elischer wrote:
> I do this to great effect..
> consider:
> two sites connected by links in which teh bottleneck is 200KB/sec (1 E1?)
> when a lot of data is flowing from 1 to 2  then data from 2 to 1 is also
> slowed
> down because the acks have to go through the queues on ingress side of the
> bottleneck router.
> I add a dummynet entry on 1, limiting output to 190KB/sec, so that the
> queue is in dummynet and not the intermediate router, and then allow small
> ack packets
> to bypass that queue. As a result the data from 2 to 1 also flows at
> near capacity,
> and with a much lower latency. SInce data flows tend to be large packets,
> I sometimes actually prioitise ALL small packets allowing interactive
> stuff to
> bypass ftps etc. and sometimes I do it on both ends.

I tried to update my ipfw setup, but I could not manage to get ipfw + natd to 
work with stateful rules :(

Although since natd runs in userland I may as well switch back to ppp(8) to 
save extra kernel/userland transitions. I was hoping to be able to use pf + 
mpd since that puts all of the packet processing into the kernel.

I did try pf + ipfw + dummynet (eww) but it appears that when the packets get 
reinjected back into the system after the pipes they go through pf again 
which doesn't like them (not 100% sure why.. maybe they don't match a state 
properly any more?)

I'll try my hand at the ng_iface ALTQ patch.

Daniel O'Connor software and network engineer
for Genesis Software -
"The nice thing about standards is that there
are so many of them to choose from."
  -- Andrew Tanenbaum
GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url :

More information about the freebsd-net mailing list