Hi there,
I read this and I was wondering if anyone has done this with ipfw & dummynet.
http://www.benzedrine.cx/ackpri.html
Thanks, - Will
To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message
Hi there, i haved asked this question some time ago and got a reply to my personal
account. I will forward that mail to this list when i am back home. Please be so kind, and write a reminder at my mail account, no copy to freebsd-questions. I am sure i will forget it otherwise... *stareup*
Thx goes to Marc "UBM" Blocket who wrote this mail. Some typos in it, but with a little work and read you will get the point. Hope this helps!
PS Marc: I tried this stuff, but my PC messed up with latest kernels, so i didn't want to make it worse and didn't check if it is tuned well. Also, could you please post a "ipfw list" and "ipfw pipe list"? Would be very kind - thanks!
On Thu, 16 Jan 2003 20:03:44 +0100 "Pascal Giannakakis" <[EMAIL PROTECTED]> wrote:
>> Lo ppl, >> >> a few month ago there was an article in the german computer mag "c't" >> which described how to tune an ADSL connection. One of the tips was to >> give small IP-packages (64 bytes and less) a high priority. According >> to the article this will result in an improved behaviour when up- and >> downstream are both busy at the same time. >> >> As i suffer exactly this problem, i would like to try it out on >> FreeBSD 5. As i can not find what the command would be in FreeBSD - >> and if it is even supported, i hope some of you FreeBSD / Linux guys >> can help me out. Here is the Linux command: >> >> # iptables -A POSTROUTING -t mangle -o ppp0 -p tcp -m length --length >> # :64 -j >> MARK --set-mark 12 >> >> The comlete script can be downloaded here: >> http://www.heise.de/ct/ftp/02/24/224/ >> >> What would be the options in FreeBSD? Thanx!
Hiho! :-)
First of all, sorry for answering that late, i forgot about your mail for some time and remembered it just recently.
You need both dummynet (the freebsd traffic shaper) and ipfw (firewall) to do this.
And i strongly suggest that you do a "man ipfw" and read through it, else you won't really understand what the firewall rules do :-)
If you have not enabled both of them in your kernel, you need to do so.
options are:
options IPFW2 (might be obsolete in 5.0) options IPFIREWALL options IPFIREWALL_VERBOSE (optional) options IPFIREWALL_VERBOSE_LIMIT=100 (optional) options IPFIREWALL_DEFAULT_TO_ACCEPT (optional) options DUMMYNET options HZ=1000
I'd also suggest to do a "man ipfw" and read through the whole thing, its really worth it.
After you've installed the new kernel, you need to create a config file for ipfw which tells it to give high priority to the small ( < 64 byte) tcp packets.
Mine looks like this:
pipe 1 config bw 132kbit/s queue 10kbyte
This creates a dummynet pipe which bandwidth is approximately equal to the max. adsl upstream, the "queue 10kbyte" part tells it to create a 10kbbyte packer-buffer for that pipe (I'v not really figured out yet what the optimal buffer size is, this size works fine for normal traffic but you might run into latency-problems if you play online games).
queue 1 config weight 50 pipe 1
add 597 queue 4 ip from me to any src-port 41000-42000,21,20 out
This creates a dummynet queue which is linked to a pipe and is used to
give certain priority to the traffic sent through the pipe linked to the
queue. The priority is given through the "weight value" command. "value"
can be anything from 1 to 100. The higher the value, the higher the
priority. Traffic piped through this queue has a high priority (50), so
this is the pipe that will be used for the small tcp-packetsOk, now you need to create a second queue to pipe the "normal" upstream through (ftp traffic, p2p, whatever other traffic there is :-) ). Naturally, you want to give this traffic a lower priority than the tcp-control-packets. (i gave it priority 1, but i believe higher values up to 10 would also work).
queue 2 config weight 1 pipe 1 # ftp traffic out
Ok, now comes the tricky part. You've to tell the firewall (ipfw) which kind of packets are to be sent to the queues.
add 550 queue 1 ip from me to any iplen 46 out add 551 queue 1 ip from me to any iplen 47 out add 552 queue 1 ip from me to any iplen 48 out add 553 queue 1 ip from me to any iplen 49 out add 554 queue 1 ip from me to any iplen 50 out add 555 queue 1 ip from me to any iplen 51 out add 556 queue 1 ip from me to any iplen 52 out add 557 queue 1 ip from me to any iplen 53 out add 558 queue 1 ip from me to any iplen 54 out add 559 queue 1 ip from me to any iplen 55 out add 560 queue 1 ip from me to any iplen 56 out add 561 queue 1 ip from me to any iplen 57 out add 562 queue 1 ip from me to any iplen 58 out add 563 queue 1 ip from me to any iplen 59 out add 564 queue 1 ip from me to any iplen 60 out add 565 queue 1 ip from me to any iplen 61 out add 566 queue 1 ip from me to any iplen 62 out add 567 queue 1 ip from me to any iplen 63 out add 568 queue 1 ip from me to any iplen 64 out add 569 queue 1 ip from me to any iplen 65 out
These rules tell ipfw to pass all packets which are 46-65 bytes large to queue 1.
Ok, now you need to pass the other upstream traffic into queue 2. I can't really tell you how to do that, as i do not know which programs you're using that generate the upstream traffic.
My configuration line to do this looks like this (i run a ftp-server, forcing passive mode on portrange 41000-42000 and active mode uses 20/21.)
add 597 queue 2 ip from me to anadd 597 queue 4 ip from me to any src-port 41000-42000,21,20 outy src-port 41000-42000,21,20 out
This tells ipfw to pass all packets which are coming from port 20,21 (which are used for data transfer in active mode) and all packets coming from 41000-42000 (which are used for data transfer in passive mode) to queue 2. Thus, the small tcp packets get a much higher priority than the "normal" upstream.
On my system i can upload at approx. 14kb/s and still download at 90kb/s.
I hope this helps.
Feel free to message me back if i did or said something wrong. :-)
Bye Marc
To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message
