On Jan 13, 2008 1:16 PM, Darrin Chandler <[EMAIL PROTECTED]> wrote:
> > > altq on $ext_if priq bandwidth 512Kb queue{ack, main, others, bt}
>
> On my home asymmetric connection I noticed that I had to adjust the
> bandwidth down just a little before the ackpriq method worked well. Yes,
> I measured upload speed and tried *that* number, but I still had to set
> it a bit lower. This is purely anecdotal, and I didn't do in-depth
> measurements. However, it's easy to try. :)

Okay,  maybe I wasn't clear what the problem is.  The problem is that
having a high number of bittorrent connections causes high latency on
the external interface.  Using max-src-states fixes this problem, but
I don't understand why it is a problem to begin with.

From extensive experimentation here is what I have been able to determine:

The problem has nothing to do with bandwidth.  I don't experience this
problem with any other protocol (HTTP and FTP for example) and if I am
running a few connections and pulling down a huge chunk of my download
and using almost all of my upload, altq will work fine and I will have
little or no latency.

On the other hand, I can cause this problem even if I am only using a
fraction of the bandwidth -- all I have to do is have the bittorrent
client start a bunch of torrents and make hundreds of connections
each.

Altq isn't useful here because it isn't going to engage until there is
a backlog. Now, it is true that once the latency starts to rise, a
backlog will result, but I am already running a modified ack-priq and
the increase in latency becomes a problem (as in no one can browse the
web) long before it turns into backlog.  I have played with the altq
six ways from Sunday in an attempt to solve this.  It doesn't affect
anything unless I turn the bandwidth down to some ridiculously low
number.

Although the increase in latency seems to generally slow down the time
it takes to process a packet, it seems to disproportionately impact
TCP handshakes.  At first I thought this was just because the
handshake was experiencing 3x the latency increase, but after playing
with it more, it seems that the increase is more than linear.

My concern is that this is a bug that would allow a malicious user to
perform a DoS attack on any router that allows for BitTorrent.  If you
don't use max-src-states, then the BitTorrent user (even if bandwidth
limited by hfsc or cbq) can make an absurd number of connections and
increase latency to the point that the external interface becomes
unusable.

--MHC

P.S. I am not using pppoe; I am just using an Ethernet cable connected
to a DOCSIS 2.0 cable modem.  There is nothing fancy going on there.
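
The per-source state cap referred to in the message above, as an added pf.conf fragment that is not part of the original post or the poster's ruleset. It uses the same ALTQ-era pf.conf syntax as the quoted altq line; the interface name, the host address and the limit of 200 are assumptions.

```pf
# Added example; not the poster's ruleset.
# int_if, bt_host and the limit of 200 are assumptions for illustration.
int_if  = "em1"               # assumed internal (LAN) interface
bt_host = "192.168.1.50"      # assumed LAN host running the BitTorrent client

# Before: the client's TCP connections are passed statefully with no
# per-source limit, so one host can create as many states as it likes.
# Queueing on the external interface does not bound this.
# pass in on $int_if proto tcp from $bt_host to any flags S/SA keep state

# After: a single source address may hold at most 200 simultaneous states
# created by this rule; new connections beyond that are not given a state.
# Matching on the internal interface sees the host's own address, before
# any address translation. This must be the last rule that matches the
# host's outbound TCP for the limit to apply.
pass in on $int_if proto tcp from $bt_host to any flags S/SA \
    keep state (max-src-states 200, source-track rule)

# Check the ruleset before loading it, then inspect the tracking entries:
#   pfctl -nf /etc/pf.conf      # parse only, do not load
#   pfctl -s Sources            # source tracking table with state counts
```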
