ipfw pipe show
jflowers at ezo.net
Thu Feb 21 17:31:27 UTC 2008
On Thu, 21 Feb 2008 17:53:55 +0100 (CET), Wojciech Puchar wrote
> > answer but there is one thing that is still a puzzle.
> > I have a pipe configured as:
> > ipfw pipe 2 config bw 768Kbit/s queue 20Kbytes
> > When I use `ipfw -s 4 pipe 2 show, one bucket is shown:
> > 00002: 768.000 Kbit/s 0 ms 20 KB 1 queues (1 buckets) droptail
> > mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000
> > BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes
> > 0 tcp 12.###.##.77/80 88.###.##.175/2200 10565 8421549 0 0 103
> > I understand that there is only one bucket but how are the source and
> > destination ip addresses and ports chosen to be displayed from all that are
> yes. use queues through this pipe for implementing smart traffic
> (best of a kind i must say).
I'll get to queues eventually. Right now I precede this pipe with a pipe that
reports overall statistics for tcp/udp/other and one that develops statistics
and applies 128kbps bw limits on a per source host basis. All pipes are
> > While I'm at it this pipe has a 768 Kbps bw limit and is currently running at
> what kind of traffic is it? single or lots of tcp connections? looks
> like a single connection
Traffic is multiple simultaneous connections (outbound http from 20 to 30
> > less than 250 Kbps. Why are packets still being dropped at the rate of about
> > 1%, fairly consistently?
> turn off the pipe and check the traffic again. it looks like your
> pipe is setup correctly.
Yes, when I do this with an 8 sec delay to reading, I sometimes catch a
dropped packet. Calculated bw is ~200kbps. After some minutes it goes to the
1% level and stays there.
> are other rules ok?
Yes, everything seems to be consistent and counts match closely.
It's not so much a problem but that I am curious. And, I still don't
understand the significance of the ip addresses/ports shown in the single
Thanks for the response.
Jim Flowers <jflowers at ezo.net>
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the freebsd-questions