Re: Dummynet Question
On Tuesday 26 September 2006 05:00, Sushant Sharma wrote: > Hi all, > I have installed dummynet on a machine-2 which I am using to introduce > delay between the packets that I'll be sending from machine-1 to machine-3. > I am using ping to confirm that ICMP/TCP packets are getting delayed. I > know both UDP/TCP fall under ip, so UDP packets should also be getting > delayed but just to confirm, do you guys know of any utility that I can use > to check if UDP packets are also getting delayed. Use traceroute. Or you could run tcpdump on both ingress and egress interfaces and check the timestamps. netcat can send udp packets, bash can(if it's built this way) cat >/dev/udp/192.168.0.1/snmp for example Or you could simply trust dummynet/ipfw. They work:) HTH, Nikos ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Dummynet Question
Hi all, I have installed dummynet on a machine-2 which I am using to introduce delay between the packets that I'll be sending from machine-1 to machine-3. I am using ping to confirm that ICMP/TCP packets are getting delayed. I know both UDP/TCP fall under ip, so UDP packets should also be getting delayed but just to confirm, do you guys know of any utility that I can use to check if UDP packets are also getting delayed. ipfw shows pipe 1 and queue 1 as pipe 1 ip from any to any queue 1 ip from any to any I am running linux on machine-1 and machine-3. TIA -Sushant ps: please cc the reply to me also as I am not subscribed to the list. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Traffic Shapping (IPFW + DUMMYNET) Question
On Thu, 2005-04-14 at 09:53 -0400, Timothy Radigan wrote: > Hi all, > > I'm new to the entire idea of traffic shaping and I came up with some rules > for my BSD firewall/router/VoIP gateway and I just wanted to make sure that > what I am trying to accomplish is actually going to happen with these rules > in place. Currently, my broadband connection is a 4Mb down and 384Mb up > pipe. My VoIP service requires 90Kb up and down. I have 3 separate > internal networks at my house. I have my wired 100Mb switched LAN > (192.168.15.0/24), I have my IPSec enabled Wireless LAN (192.168.20.0/24), > and I have my VoIP LAN (192.168.10.0/30). What I want to do with these > traffic shaping rules, is dedicate 100Kb up and down to the VoIP LAN, and > then I want to have equally shared bandwidth (the remaining speeds of my > broadband connection) for the wired and wireless LANs. Here are the rules I > have come up with so far: Can you post your ifconfig output of your BSD box? How about the output of this: sysctl -a | grep net.inet.ip.fw.one_pass Chris > > <--- (START) /etc/ipfw.rules > > > # flush all rules > ipfw -f flush > > # configure the pipe main pipes - have 4000kbits/s down 384kbits/s up > > # define 200kbits/s for the voip pipes > ipfw pipe 1 config bw 100Kbits/s > ipfw pipe 2 config bw 100Kbits/s > > # wired / wifi lans - get all but 100kbits/s for both up and down > ipfw pipe 3 config bw 3900Kbits/s > ipfw pipe 4 config bw 284Kbits/s > > # wired/wifi LAN internal transmission > ipfw pipe 5 config bw 100Mbits/s mask dst-ip 0x > ipfw pipe 6 config bw 100Mbits/s mask dst-ip 0x > ipfw pipe 7 config bw 100Mbits/s mask dst-ip 0x > ipfw pipe 8 config bw 100Mbits/s mask dst-ip 0x > > # make sure the voip gets all of the bandwidth for the pipes > ipfw add 1 pipe 1 ip from 192.168.10.2 to any > ipfw add 1 pipe 2 ip from any to 192.168.10.2 > > # make sure the wired and wifi lans get all of the bandwidth for those pipes > ipfw add 2 pipe 5 ip from 192.168.15.0/24 to 192.168.0.0/16 > ipfw add 2 pipe 6 ip from 192.168.0.0/16 to 192.168.15.0/24 > ipfw add 3 pipe 7 ip from 192.168.20.0/24 to 192.168.0.0/16 > ipfw add 3 pipe 8 ip from 192.168.0.0/16 to 192.168.20.0/24 > > # the wired / wifi lans will split the up and down pipes > ipfw queue 3 config weight 50 pipe 3 mask dst-ip 0x00ff > ipfw queue 4 config weight 50 pipe 3 mask dst-ip 0x00ff > ipfw queue 5 config weight 50 pipe 4 mask dst-ip 0x00ff > ipfw queue 6 config weight 50 pipe 4 mask dst-ip 0x00ff > > # add inbound/outbound queues for the wired lan > ipfw add 100 queue 3 ip from any to 192.168.15.0/24 > ipfw add 105 queue 5 ip from 192.168.15.0/24 to any > > # add inbound/outbound queues for the wifi lan > ipfw add 200 queue 4 ip from any to 192.168.20.0/24 > ipfw add 205 queue 6 ip from 192.168.20.0/24 to any > > < (END) /etc/ipfw.rules -> > > Does this seem like it will perform as I am thinking it will? > > Thanks > --Tim > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Traffic Shapping (IPFW + DUMMYNET) Question
On Thursday 14 April 2005 14:53, Timothy Radigan wrote: > Hi all, > > I'm new to the entire idea of traffic shaping and I came up with some rules > for my BSD firewall/router/VoIP gateway > >... > > Does this seem like it will perform as I am thinking it will? I've not tried this kind of thing myself, but I wouldn't be very optimistic about what you are trying to do. AFAIK dummynet works through IP packet queueing. That means that it can do a good job of shaping outgoing traffic, but the only control it has on incoming traffic is through dropping packets that have already been received, which isn't very efficient. To achieve what you want would really need some something that can hook into the tcp/ip stack and affect tcp window sizes. I dont know of anything that would do that. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Traffic Shapping (IPFW + DUMMYNET) Question
Hi all, I'm new to the entire idea of traffic shaping and I came up with some rules for my BSD firewall/router/VoIP gateway and I just wanted to make sure that what I am trying to accomplish is actually going to happen with these rules in place. Currently, my broadband connection is a 4Mb down and 384Mb up pipe. My VoIP service requires 90Kb up and down. I have 3 separate internal networks at my house. I have my wired 100Mb switched LAN (192.168.15.0/24), I have my IPSec enabled Wireless LAN (192.168.20.0/24), and I have my VoIP LAN (192.168.10.0/30). What I want to do with these traffic shaping rules, is dedicate 100Kb up and down to the VoIP LAN, and then I want to have equally shared bandwidth (the remaining speeds of my broadband connection) for the wired and wireless LANs. Here are the rules I have come up with so far: <--- (START) /etc/ipfw.rules > # flush all rules ipfw -f flush # configure the pipe main pipes - have 4000kbits/s down 384kbits/s up # define 200kbits/s for the voip pipes ipfw pipe 1 config bw 100Kbits/s ipfw pipe 2 config bw 100Kbits/s # wired / wifi lans - get all but 100kbits/s for both up and down ipfw pipe 3 config bw 3900Kbits/s ipfw pipe 4 config bw 284Kbits/s # wired/wifi LAN internal transmission ipfw pipe 5 config bw 100Mbits/s mask dst-ip 0x ipfw pipe 6 config bw 100Mbits/s mask dst-ip 0x ipfw pipe 7 config bw 100Mbits/s mask dst-ip 0x ipfw pipe 8 config bw 100Mbits/s mask dst-ip 0x # make sure the voip gets all of the bandwidth for the pipes ipfw add 1 pipe 1 ip from 192.168.10.2 to any ipfw add 1 pipe 2 ip from any to 192.168.10.2 # make sure the wired and wifi lans get all of the bandwidth for those pipes ipfw add 2 pipe 5 ip from 192.168.15.0/24 to 192.168.0.0/16 ipfw add 2 pipe 6 ip from 192.168.0.0/16 to 192.168.15.0/24 ipfw add 3 pipe 7 ip from 192.168.20.0/24 to 192.168.0.0/16 ipfw add 3 pipe 8 ip from 192.168.0.0/16 to 192.168.20.0/24 # the wired / wifi lans will split the up and down pipes ipfw queue 3 config weight 50 pipe 3 mask dst-ip 0x00ff ipfw queue 4 config weight 50 pipe 3 mask dst-ip 0x00ff ipfw queue 5 config weight 50 pipe 4 mask dst-ip 0x00ff ipfw queue 6 config weight 50 pipe 4 mask dst-ip 0x00ff # add inbound/outbound queues for the wired lan ipfw add 100 queue 3 ip from any to 192.168.15.0/24 ipfw add 105 queue 5 ip from 192.168.15.0/24 to any # add inbound/outbound queues for the wifi lan ipfw add 200 queue 4 ip from any to 192.168.20.0/24 ipfw add 205 queue 6 ip from 192.168.20.0/24 to any < (END) /etc/ipfw.rules -> Does this seem like it will perform as I am thinking it will? Thanks --Tim ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
[with additional question] Re: ipfw//dummynet question
On Wed, Feb 25, 2004 at 06:47:30AM +0100, Hugo (6s-gaming.com) wrote: > Hi list, > > Say I want to limit the bandwidth from all inside my lan to the outside. > I'd create the pipes and make 2 rules to pipe any traffic (in&out). My > question is, would creating these 2 rules make all traffic be promptly > accepted, or would they be accepted or blocked based on the rest of the > ruleset? If they're accepted upon the pipe rule, how to make they be piped > BUT only accepted if they match any of the rules on the ruleset? Do I need > to create pipe rules for _everything_ ? > > Regards, > > Hugo If I understand your question, you can have any number of rules that all use a single pipe. For example, you could have something like: ipfw add pipe 1 ip from 10.0.0.0/24 to any dst-port ipfw add pipe 1 ip from 10.0.0.0/24 to www.somedomain.com ipfw add pipe 1 ip from 10.0.1.50 to any And maybe pipe 1 is configured as such: pipe 1 config bw 50Kbyte/s This actually brings me to a question of my own. The ipfw manpage talks about making sure to keep in mind that packets are checked both 'in' and 'out'. I see that some people have implemented bandwidth rules using 2 separate rules for in and out. I have a setup that uses a 'keep-state' on a single 'in' rule and it seems to work fine. What is the effective or functional difference between using two separate rules for in and out or a single rule using a keep-state? Is one more efficient than another, or would the two do totally different things? Thanks, Nathan -- gpg --keyserver pgp.mit.edu --recv-keys D8527E49 pgp0.pgp Description: PGP signature
ipfw//dummynet question
Hi list, Say I want to limit the bandwidth from all inside my lan to the outside. I'd create the pipes and make 2 rules to pipe any traffic (in&out). My question is, would creating these 2 rules make all traffic be promptly accepted, or would they be accepted or blocked based on the rest of the ruleset? If they're accepted upon the pipe rule, how to make they be piped BUT only accepted if they match any of the rules on the ruleset? Do I need to create pipe rules for _everything_ ? Regards, Hugo -- http://www.6s-gaming.com - your online store! ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"