Re: dummynet performance

On Thu, Apr 9, 2020 at 2:18 AM Özkan KIRIK wrote: > > Hello, > > I wonder if it is possible to update dummynet code multi-threading capable > practically? > My idea is below: > - A new sysctl tunable will be defined as > "net.inet.ip.dummynet.thread_count" (default 1) > - To distribute tasks along

Re: dummynet performance

On Thu, Apr 9, 2020 at 2:18 AM Özkan KIRIK wrote: > > Hello, > > I wonder if it is possible to update dummynet code multi-threading capable > practically? > My idea is below: > - A new sysctl tunable will be defined as > "net.inet.ip.dummynet.thread_count" (default 1) > - To distribute tasks along

Re: dummynet loses ports mask bits

> mask: 0x00 0x/0x -> 0x00ff/0x > -- -----+--- Prof. Luigi RIZZO, ri...@iet.unipi.it . Dip. di Ing. dell'Informazione http://www.iet.unipi.it/~luigi/. Universita` di Pisa TEL +39-050-2217533 . via Di

Re: Ipfw+dummynet on Windows 10

gt;>>>> >>>>> Some suggestions. >>>>> >>>>> 1. Submit a format proposal to the FreeBSD foundation to fund a project >>>>> >>>> to >>>> >>>>> perform the desired work. This option is going to take some time. Maybe >>>&g

Re: IPFW compatibility on windows 10

t; > > -- > > -- > From: Benjamin Woods > woods...@gmail.com > ___ > freebsd-ipfw@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > To unsubscribe, send any mail to "freebsd-ipfw

Re: ipfw delete 100-300

On Thu, Aug 13, 2015 at 5:18 PM, Julian Elischer wrote: > On 8/13/15 10:41 PM, Ian Smith wrote: >> >> On Thu, 13 Aug 2015 16:30:15 +0200, Luigi Rizzo wrote: >> > On Thu, Aug 13, 2015 at 4:00 PM, Ian Smith >> wrote: >> > > On Thu, 13 Aug

Re: ipfw delete 100-300

0842147038 DEADC0DEDEADC0DE so... somehow pointing in a bad place. > Wrongly (un?)signed int64? Either way, a lot of bytes for 0 packets :) > > cheers, Ian > ___ > freebsd-ipfw@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-ip

Re: chnage source of IPFW

g list > http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org" > -- -+--- Prof. Luigi RIZZO, ri...@iet.unipi.it . Dip. di Ing. dell'In

Re: Why ipfw didn't filter neither log DHCP packets ?

On Mon, Jan 5, 2015 at 2:41 PM, Olivier Cochard-Labbé wrote: > On Mon, Jan 5, 2015 at 1:28 PM, Willy Offermans > wrote: > >> Hello Luigi and FreeBSD friends, >> >> I do top posting. >> >> So there might be a chance that someting slips through the firewall >> between the start of the firewall and

Re: Why ipfw didn't filter neither log DHCP packets ?

100.255:138 in via sis0 > > I've got the same behavior on FreeBSD 8.2 and 11.0-CURRENT r275821. > > Are DHCP packets exluded from the filtering/logging engine of ipfw ? > ___ > freebsd-ipfw@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > To unsubs

Re: [CFT] new tables for ipfw

On Thu, Aug 14, 2014 at 12:57 PM, Alexander V. Chernikov < melif...@yandex-team.ru> wrote: > On 14.08.2014 14:44, Luigi Rizzo wrote: > > > > > On Thu, Aug 14, 2014 at 11:57 AM, Alexander V. Chernikov < > melif...@yandex-team.ru> wrote: > >>

Re: [CFT] new tables for ipfw

On Thu, Aug 14, 2014 at 11:57 AM, Alexander V. Chernikov < melif...@yandex-team.ru> wrote: > On 14.08.2014 13:23, Luigi Rizzo wrote: > > > > > On Wed, Aug 13, 2014 at 10:11 PM, Alexander V. Chernikov < > melif...@yandex-team.ru> wrote: > >> Hello list

Re: [CFT] new tables for ipfw

On Wed, Aug 13, 2014 at 10:11 PM, Alexander V. Chernikov < melif...@yandex-team.ru> wrote: > Hello list. > > I've been hacking ipfw for a while and It seems there is something ready > to test/review in projects/ipfw branch. > ​this is a fantastic piece of work, thanks for doing it and for integra

Re: ipfw named objejcts, table values and syntax change

On Mon, Aug 04, 2014 at 01:44:26PM +0400, Alexander V. Chernikov wrote: > On 02.08.2014 12:33, Alexander V. Chernikov wrote: > > On 02.08.2014 10:33, Luigi Rizzo wrote: > >> > >> > >> On Fri, Aug 1, 2014 at 11:08 PM, Alexander V. Chernikov >

Re: ipfw named objejcts, table values and syntax change

given table to > different objects (or different tasks) (and lack of compatibility kills > hope for MFC). > > Ideas? > > > > > > > _______ > freebsd-ipfw@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinf

Re: kern/189720: [ipfw] [patch] pps action for ipfw

The following reply was made to PR kern/189720; it has been noted by GNATS. From: Luigi Rizzo To: bycn82 Cc: bug-follo...@freebsd.org Subject: Re: kern/189720: [ipfw] [patch] pps action for ipfw Date: Fri, 30 May 2014 19:16:10 +0200 On Sat, May 31, 2014 at 12:53:56AM +0800, bycn82 wrote: >

Re: kern/189720: [ipfw] [patch] pps action for ipfw

The following reply was made to PR kern/189720; it has been noted by GNATS. From: 'Luigi Rizzo' To: bycn82 Cc: bug-follo...@freebsd.org Subject: Re: kern/189720: [ipfw] [patch] pps action for ipfw Date: Thu, 29 May 2014 17:17:59 +0200 On Thu, May 29, 2014 at 11:06:27PM +0800, by

kern/189720: [ipfw] [patch] pps action for ipfw

The following reply was made to PR kern/189720; it has been noted by GNATS. From: Luigi Rizzo To: bug-follo...@freebsd.org, byc...@gmail.com Cc: Subject: kern/189720: [ipfw] [patch] pps action for ipfw Date: Thu, 29 May 2014 16:12:16 +0200 Hi, I have looked at the update from May 13th but

Re: Dummynet pipe cascades

On Fri, May 23, 2014 at 03:53:18PM +0200, Patrick Zwickl wrote: > Dear all, > > I am currently experimenting with ipfw dummynet features (coming rather from > the netem tc corner; so being new to dummynet and apologise for these kind of > questions) and was wondering how to syntactically achieve

Re: feature of `packet per second`

On Mon, May 12, 2014 at 7:01 PM, bycn82 wrote: > On 5/9/14 0:11, bycn82 wrote: > ... > Done ,submitted. > > http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/189721 > can you clean up the formatting and style (including some gratuitous whitespace changes). Also there are several things to fix: - p

Re: feature of `packet per second`

uigi ​ > > On Fri, May 9, 2014 at 1:11 AM, Chris H wrote: > >> > On 5/8/14 15:38, Luigi Rizzo wrote: >> >> On Thu, May 08, 2014 at 09:09:21AM +0800, bycn82 wrote: >> >>> On 5/8/14 8:35, bycn82 wrote: >> >>>> On 5/4/14 1:19, Luigi R

Re: feature of `packet per second`

On Fri, May 09, 2014 at 12:11:16AM +0800, bycn82 wrote: > On 5/8/14 15:38, Luigi Rizzo wrote: ... > >>>>> If i were to implement the feature i would add two parameters > >>>>> (burst, I_max) with reasonable defaults and compute the internal > &g

Re: feature of `packet per second`

On Thu, May 08, 2014 at 09:09:21AM +0800, bycn82 wrote: > On 5/8/14 8:35, bycn82 wrote: > > On 5/4/14 1:19, Luigi Rizzo wrote: > >> > >> > >> > >> On Sat, May 3, 2014 at 2:27 PM, bycn82 >> <mailto:byc...@gmail.com>

Re: feature of `packet per second`

On Sat, May 3, 2014 at 2:27 PM, bycn82 wrote: > On 5/2/14 16:59, Luigi Rizzo wrote: > > > > > On Wed, Apr 30, 2014 at 6:02 PM, bycn82 wrote: > >> >>> fjwc...@gmail.com <mailto:fjwc...@gmail.com> >>> >> Thanks for your reply, and

Re: feature of `packet per second`

On Wed, Apr 30, 2014 at 6:02 PM, bycn82 wrote: > >> fjwc...@gmail.com >> > Thanks for your reply, and it is good to know the sysctl for ICMP. > > finally it works.I just added a new `action` in firewall and it is called > `pps`, that means it can be generic purpose wh

Re: ipfw dynamic rules

On Mon, Mar 24, 2014 at 1:14 AM, Michael Sierchio wrote: > On Sun, Mar 23, 2014 at 4:31 PM, Julian Elischer > wrote: > > > but disabled rules still have a cost I believe as hey still need to be > > traversed, > > unless someone has been very smart.. > > This I did not know. I don't have many, but

Re: Bursty data transfer with Dummynet

On Wed, Nov 13, 2013 at 6:06 AM, Ahmed Hamza wrote: > On Tue, Nov 12, 2013 at 8:50 PM, Julian Elischer > wrote: > > On 11/12/13, 6:35 PM, Ahmed Hamza wrote: > >> > >> Hi All, > >> > >> I'm trying to use Dummynet to test the behaviour of my video streaming > >> application in various network cond

Re: misc/178317: IPFW options need to specifed in specific order

The following reply was made to PR kern/178317; it has been noted by GNATS. From: Luigi Rizzo To: Kirill Diduk Cc: bug-follo...@freebsd.org, jens.kas...@aptilo.com, lu...@freebsd.org Subject: Re: misc/178317: IPFW options need to specifed in specific order Date: Sun, 5 May 2013 15:51:10 +0200

Re: [patch] ipfw interface tracking and opcode rewriting

On Wed, Apr 24, 2013 at 11:50:48PM +0400, Alexander V. Chernikov wrote: > On 24.04.2013 23:09, Luigi Rizzo wrote: > > On Wed, Apr 24, 2013 at 08:46:01PM +0400, Alexander V. Chernikov wrote: > >> On 24.04.2013 20:23, Luigi Rizzo wrote: ... > >> Well, actually I

Re: [patch] ipfw interface tracking and opcode rewriting

On Wed, Apr 24, 2013 at 08:46:01PM +0400, Alexander V. Chernikov wrote: > On 24.04.2013 20:23, Luigi Rizzo wrote: ... > >> vesrion) in the middle of the next week. > > hmmm this is quite a large change, and from the description it > > is a bit unclear to me how the

Re: [patch] ipfw interface tracking and opcode rewriting

On Wed, Apr 24, 2013 at 08:01:23PM +0400, Alexander V. Chernikov wrote: > Hello list! > > Currently ipfw uses strncmp() function to do interface matching which is > quite slow. > Additionally, ipfw_insn_if opcode is quite big and given that struct > ip_fw occupy 48 bytes > (without first instruc

Re: Problems with ipfw/natd and axe(4)

On Sat, Apr 13, 2013 at 03:34:39PM +0200, Spil Oss wrote: > Hi All, > > I can't use ipfw with natd with my ASIX AX88772B USB NIC ... > Found an older PR kern/170081 about fxp having trouble with nat when > rxcsum/txcsum was enabled, that is why I started fiddling with > rxcsum/txcsum and found tha

Re: Limit Session Bandwidth

h pipe to behave similarly to the other case. How to do it depends on the configuration. Probably it would be good to make "one_pass" a per-pipe option. cheers luigi > On Sun, Jan 6, 2013 at 1:37 AM, Luigi Rizzo wrote: > > > On Sat, Jan 05, 2013 at 02:51:07PM +0200, Sami H

Re: Limit Session Bandwidth

I think there is a mistake at the sched config line. it should be as > > ipfw sched 789 config mask all pipe 456 > > > > > > On Thu, Jan 3, 2013 at 10:29 AM, Luigi Rizzo wrote: > > > >> ipfw sched 789 config mask all pipe 123 > > > > > >

Re: Limit Session Bandwidth

On Thu, Jan 03, 2013 at 09:19:05AM +0200, Sami Halabi wrote: > Hi, > I wan t to configure bandwidth limits in the folowing scenario: > limit a specific IP to ,say 10MB, but also limit each Session to, say 1MB. > > so max concurrent sessions of that same IP can with full bandwidth would be > 10, ea

Re: Linux ipfw sysctl equivalents

On Thu, Dec 06, 2012 at 10:03:00AM -0500, Finlayson, James wrote: > Hi, > I'm trying to build a dummynet box on linux (Centos 6.3). I have a bridge > created that properly forwards packets, however I cannot seem to alter their > behavior with ipfw pipes. I've used dummynet on FreeBSD without i

Re: Significant network latency when using ipfw and in-kernel NAT

On Sun, Sep 16, 2012 at 10:39:36PM -0500, Soren Dreijer wrote: > Some more updates: > > I went ahead and disabled a few options on the ixgbe network interface > today (most notably rxcsum and txcsum), which improved ping times to > the FreeBSD box. I'm now able to reliably ping it with ~40ms from

Re: Significant network latency when using ipfw and in-kernel NAT

etimes recovered by retransmissions. cheers luigi > Thanks, > Soren > > On Thu, Sep 13, 2012 at 11:30 AM, Luigi Rizzo wrote: > > > > [top posting for readability] > > i have seen this kind of issues related to bad interaction > > between the nat code and the

Re: Significant network latency when using ipfw and in-kernel NAT

[top posting for readability] i have seen this kind of issues related to bad interaction between the nat code and the various accelerations (mostly TSO/RSC, but i would also try to disable the checksums). Try to remove tso,csum, possibly rsc if you have it, and see if the problem continues. Please

Re: PREVIEW - netmap-enabled ipfw

On Wed, Jul 25, 2012 at 10:34:39PM -0700, Julian Elischer wrote: > On 7/25/12 11:41 AM, Luigi Rizzo wrote: > >First and foremost: this is just a preview, only usable for testing now, > >but very very close to working. > > > > http://info.iet.unipi.it/~luigi/ne

PREVIEW - netmap-enabled ipfw

First and foremost: this is just a preview, only usable for testing now, but very very close to working. http://info.iet.unipi.it/~luigi/netmap/20120725-ipfw-user.tgz At the above URL you can find a userspace version of ipfw that reads packet from a netmap-compatible port (i.e. a netmap s

Re: kern/156770: [ipfw] [dummynet] [patch]: performance improvement and several extensions

On Mon, Jul 02, 2012 at 01:24:09PM +0200, Alter wrote: > Hello Luigi, > > Seems, Alex answered most of you questions > > LR> On the negative side: > LR> - documentation on new features is completely absent. Just a brief mention > LR> in the manpage of ftag/funtag, a short comment in a C source

Re: kern/156770: [ipfw] [dummynet] [patch]: performance improvement and several extensions

On Sun, Jul 01, 2012 at 03:54:35PM +, melif...@freebsd.org wrote: > Synopsis: [ipfw] [dummynet] [patch]: performance improvement and several > extensions > > Responsible-Changed-From-To: freebsd-ipfw->melifaro > Responsible-Changed-By: melifaro > Responsible-Changed-When: Sun Jul 1 15:54:17 U

Re: ipfw rules consuming CPU

On Sat, Jun 09, 2012 at 03:36:15PM +0400, Alexander V. Chernikov wrote: > On 09.06.2012 15:19, Sami Halabi wrote: > >Hi, > >all rules togther less than 80 rules > However, it is too much. > You should reduce this to 10 rules or less (at least for main traffic flow). you should definitely try h

Re: Dummynet and bursting!

On Fri, Apr 27, 2012 at 01:21:04PM +, Javier - wrote: > > I will make more testing and comment. > what?s the max value for burst? i did not find this in docs... you can specify more than 2^40 bytes. Not that it makes any sense... ___ freebsd-ipfw@fr

Re: Dummynet and bursting!

On Fri, Apr 27, 2012 at 12:40:05PM +, Javier - wrote: > > OK, but with increased burst to 5mbytes i have same results. > the issue is the bandwidth, not the burst. it is possible that the system has a bottleneck similar to the 125k you are configuring. Besides, the tcp window or socket buffe

Re: Dummynet and bursting!

On Fri, Apr 27, 2012 at 10:50:17AM +, Javier - wrote: > > I want to leave at cable speed n bytes, after n bytes apply the queue bw > limit... and what are you seeing instead ? Do you have a trace or something that shows that it does not work like this ? cheers luigi > In Linux with htb thi

Re: Dummynet and bursting!

On Fri, Apr 27, 2012 at 04:57:20AM +, Javier - wrote: > > > > > Hello all!, i?m researching about bursting with dummynet?s pipes. i can?t > find the way in order to make the burst paramter work under pipe command;pipe > config burst 50 (500Kbytes)->not luck pipe config .

Re: dummynet warnings

On Mon, Apr 23, 2012 at 12:35:37PM +0400, Sergey Yaroshevskiy wrote: > Hello > > I've got some warnings from my freebsd 9 box: > > ... > Apr 23 12:06:10 pipe kernel: copy_obj (WARN) type 4 inst 65612 have 92 need > 96 > Apr 23 12:06:10 pipe kernel: copy_obj (WARN) type 4 inst 65612 have 60 n

Re: kern/156770: [ipfw] [dummynet] [patch]: performance improvement and several extensions

On Sat, Jan 28, 2012 at 04:00:28PM +, ??? ??? wrote: > The following reply was made to PR kern/156770; it has been noted by GNATS. > > From: =?windows-1251?B?yu7t/Oru4iDF4uPl7ejp?= > To: bug-follo...@freebsd.org, al...@alter.org.ua > Cc: > Subject: Re: kern/156770: [ipfw] [dummynet]

Re: Firewall Profiling.

On Wed, Dec 28, 2011 at 10:28:44AM +0400, Lev Serebryakov wrote: > Hello, Adrian. > You wrote 28 ??? 2011 ?., 10:04:13: > > > Maybe someone should write one and open source it this time.. :) > In presence of LLVM in the base, it looks, that we should generate > native code from IPFW bytecode

Re: Firewall Profiling.

On Wed, Dec 28, 2011 at 10:26:44AM +0400, Lev Serebryakov wrote: > Hello, Luigi. > You wrote 27 ??? 2011 ?., 18:26:00: > > > plans, yes - not sure how long it will take. I have compiled > > ipfw+dummynet as a standalone module (outside the kernel) > > but have not yet hooked the code to netmap

Re: Firewall Profiling.

On Tue, Dec 27, 2011 at 03:18:04PM +0100, Pawel Tyll wrote: > > plans, yes - not sure how long it will take. I have compiled > > ipfw+dummynet as a standalone module (outside the kernel) > > but have not yet hooked the code to netmap to figure out how fast > > it can run. > If I understand corre

Re: Firewall Profiling.

On Tue, Dec 27, 2011 at 03:00:47PM +0100, Pawel Tyll wrote: > > IPFW seems to add more or less constant overhead per rule. In our setup, > > ~20 rules increase load by 100% (one core). We are able to reach 10GE > > (1.1mpps) on some routers with most packets travelling 8-10 ipfw rules. > > However

Re: IPFW eXtended tables [Was: Re: IPFW tables, dummynet and IPv6]

On Sun, Dec 25, 2011 at 10:55:22PM +0400, Alexander V. Chernikov wrote: > Bjoern A. Zeeb wrote: > > On 25. Dec 2011, at 17:47 , Pawel Tyll wrote: > > > >> Hi Alexander, > >> > >>> Changes: > >>> * Tables (actually, radix trees) are now created/freed on demand. > >> Does this mean IPFW_TABLES_MA

Re: ipfw rule processing performances

On Thu, Oct 27, 2011 at 02:53:30PM +1100, Ian Smith wrote: > On Wed, 26 Oct 2011, Julian Elischer wrote: > > On 10/26/11 2:39 PM, Michael Sierchio wrote: > > > On Wed, Oct 26, 2011 at 11:39 AM, Julian Elischer > > > wrote: > > > > > > > read up on all the things you can do with tablearg.. som

Re: ipfw rule processing performances

On Tue, Oct 25, 2011 at 11:36:47AM -0400, Karim wrote: > Hi all, > > I am using ipfw with a fairly small amount of rules (~200). Most of > those are skipto rules to different blocking and pass-through blocks. I > use ipfw tags, ALTQ, nat, fwd and several deny and allow rules and I do > not use/

Re: [PATCH] ipfw call/return rule actions

On Tue, Jun 21, 2011 at 10:22:40AM +, Vadim Goncharov wrote: > Hi, > > I have made a patch http://nuclight.avtf.net/vadim/ipfw_call_20110620.diff > which adds a "call" and "return" rule actions to make it possible to > organize "subroutines" with rules - "skipto" is like "goto" and only > allo

Re: DummyNet configuration for opportunistic Links for emulating DTN

On Mon, May 09, 2011 at 10:16:43PM +0530, quamar niyaz wrote: > Hi, > > I am working on a application which is meant for Delay Tolerant Network. I > want to emulate the opportunistic link availability for the data sending > nodes using dummyNet . One scenario, suppose from source node to > destin

Re: IPFW Table Insertion in C, Dummynet, and an interesting problem.

> Hey guys, > > I'm currently running some custom C code ,via an output plugin for > Snort, which takes an IP and sticks it in an ipfw table. Once the > packet enters the box, I'm using dummynet to delay the packet while > snort analyzes it and inserts the IP into a table, after the piping > delay

Re: kern/156180

On Tue, Apr 05, 2011 at 09:30:14PM +, Gleb Smirnoff wrote: > The following reply was made to PR kern/156180; it has been noted by GNATS. > > From: Gleb Smirnoff > To: bug-follo...@freebsd.org > Cc: a...@freebsd.org > Subject: kern/156180 > Date: Wed, 6 Apr 2011 01:07:29 +0400 > > --5gxpn/Q6

Re: kern/155927: [ipfw] ipfw stops to check bags for compliance with the rules, letting everything Rules

On Mon, Mar 28, 2011 at 06:14:20AM +, lini...@freebsd.org wrote: > Old Synopsis: Ipfw stops to check bags for compliance with the rules, letting > everything Rules > New Synopsis: [ipfw] ipfw stops to check bags for compliance with the rules, > letting everything Rules > > Responsible-Change

Re: ipfw fwd and multicast mac address

On Fri, Mar 04, 2011 at 05:55:38AM +0200, Eugene Perevyazko wrote: > Hi > > I've stumbled on a pretty strange issue in combination of ipfw fwd rules > with multicast. > The system is 7-Stable. > It runs ospf, that uses MC groups 224.0.0.5 and 224.0.0.6. Normally those > groups use dst mac addre

Re: problem analysys (Re: [Panic] Dummynet/IPFW related recurring crash.)

On Mon, Feb 21, 2011 at 12:13:12AM +0100, Pawel Tyll wrote: > > understood. I am just saying that for instance the vlan presence and > > changes is quite significant in this context. > > You say vlans are "pretty much static" but can you tell us who adds/remove > > them, assign addresses ? > It's

Re: problem analysys (Re: [Panic] Dummynet/IPFW related recurring crash.)

On Sun, Feb 20, 2011 at 11:50:28PM +0100, Pawel Tyll wrote: ... > This machine is only doing dummynet traffic shaping from significant > things (otherwise it runs a dhcpd, ntpd and named). It's pretty > straight-forward routing, packets come in, packets come out via static > routes - there are curr

problem analysys (Re: [Panic] Dummynet/IPFW related recurring crash.)

ocaladdr() is an ipv4 addr passed by value, so it is certainly not guilty even if we had a bogus argument. This seems to suggest that the problem is elsewhere -- perhaps some piece of code is manipulating the IN_IFADDR list without locking, causing it to become corrupt ? cheer

Re: about "profile" in IPFW/dummynet

On Thu, Feb 10, 2011 at 12:09:09AM +, nangergong wrote: > Hi, all: > >I want to use "profile" to simulate delays according to a empirical delay > distribution ( the "profile" argument can be found in > http://fuse4bsd.creo.hu/localcgi/man-cgi.cgi?ipfw+8) > I use the following command lines

Re: How to obtain fixed packet loss ?

On Mon, Jan 03, 2011 at 06:22:54PM +, nangergong wrote: > Hi, all: > > As far as I know, in dummynet, plr is prabability-based, namely, when a > packet is processed, it will be discarded according to the probability. So, > if I have 100 packets and the plr is 5%, eventually I may just discar

Re: two questions:1 relationship between dummynet and wireshark 2 how to add latency for each packet to be sent

On Fri, Nov 26, 2010 at 02:43:12PM +, nangergong wrote: > Hi??? > > Thank you so much for your reply. I used the windows version of > dummynet/IPFW, so is it the same that wireshark will intercept > incoming traffic before dummynet, and outgoing traffic after dummynet? Coz it all depends on

Re: two questions:1 relationship between dummynet and wireshark 2 how to add latency for each packet to be sent

On Thu, Nov 25, 2010 at 03:31:16PM +, nangergong wrote: > Hi, all: > > 1 relationship between dummynet and wireshark > > I have a question on the relationship between dummynet and wireshark. Does > wireshark capture packets before dummynet starts working or after? Which of > the following ch

Re: Understanding of "mask"

On Tue, Nov 23, 2010 at 02:19:02PM +, nangergong wrote: > Hi, all, > > I don't understand the meaning of "mask", > for example, in the following statements: > -- > ipfw pipe 1 config delay 80ms mask all > ipfw add 600 pipe 1 ip from 9.161.150.55 to 9

Re: traffic bandwidth limit with dummynet

> to "80 slots") > > thanks again luigi. > > > > > > > From: Luigi Rizzo > To: bored to death > Cc: freebsd-ipfw > Sent: Fri, June 4, 2010 4:27:25 PM > Subject: Re: traffic bandwidth limit with dummynet > > On Fri, Jun 04, 2010 at 01:19

Re: traffic bandwidth limit with dummynet

On Fri, Jun 04, 2010 at 01:19:32AM -0700, bored to death wrote: > thank you luigi for your reply, it helped. > > i changed the hz parameter to 1000 and then 4000 and then 8000 in my > /boot/loader.conf. the result got much better. > i configured my system as a router and i send 1GB traffic rate p

Re: traffic bandwidth limit with dummynet

On Thu, Jun 03, 2010 at 09:29:20AM -0700, bored to death wrote: > hello, > > i'm trying to limit my input traffic bandwidth on freebsd. i used > ipfw+dummynet. without limitation, i have almost 1Gbit/s input traffic > on my system. when i try to limit the bandwidth, it works fine on low > to norma

Re: Loading dummynet via loader.conf doesn't work

On Wed, Jun 02, 2010 at 09:53:18PM +0300, Dmitry Pryanishnikov wrote: > Hello! > > In RELENG_6 loading dummynet.ko from /boot/loader.conf > > dummynet_load="YES" > > works correctly. However in fresh RELENG_8 it results in strange > behaviour: loader shows /boot/kernel/dummynet.ko getting load

Re: Performance issue with new pipe profile feature in FreeBSD 8.0 RELEASE

49 > Reply from 69.147.125.65: bytes=1470 time=43ms TTL=49 > Reply from 69.147.125.65: bytes=1470 time=45ms TTL=49 > Reply from 69.147.125.65: bytes=1470 time=42ms TTL=49 > > Ping statistics for 69.147.125.65: > Packets: Sent = 22, Received = 22, Lost = 0 (0% loss), > Appr

Re: Performance issue with new pipe profile feature in FreeBSD 8.0 RELEASE

ulator, but it > seems that in it's current implementation it does not allow for the full > utilization of the emulated bandwidth regardless of how little or static the > extra delay is set to. > > > Sincerely, > > Nuno Diogo > > On Tue, May 18, 2010 at 12:12 PM, Nuno Diogo wrote: > > > Hi all, > > > > I?m encountering th

ipfw-related video on GoogleTechTalks

Just in case you are interested, Murray Stokely was very kind in organizing a talk at Google on recent ipfw and dummynet work. A recording is available on the GoogleTechTalks channel: http://www.youtube.com/watch?v=r8vBmybeKlE BTW there is plenty of interesting talks on that channel so I'

Re: dummynet and vnet kernel panic

On Wed, Apr 07, 2010 at 09:58:38PM +0200, Anders Hagman wrote: > Hi > > When using dummynet inside a vnet node with a simple pipe the kernel > panic on the first packet. > > I use 8.0-STABLE cvsuped at 7 Apr 15:28 > The ipfw code with dummynet is largely changed and the patch in the url > below

Re: dummynet and vnet kernel panic

On Wed, Apr 07, 2010 at 01:56:31PM -0700, Julian Elischer wrote: > On 4/7/10 1:38 PM, Luigi Rizzo wrote: > >On Wed, Apr 07, 2010 at 09:58:38PM +0200, Anders Hagman wrote: > >>Hi > >> > >>When using dummynet inside a vnet node with a simple pipe the kernel >

Re: dummynet and vnet kernel panic

On Wed, Apr 07, 2010 at 09:58:38PM +0200, Anders Hagman wrote: > Hi > > When using dummynet inside a vnet node with a simple pipe the kernel > panic on the first packet. > > I use 8.0-STABLE cvsuped at 7 Apr 15:28 > The ipfw code with dummynet is largely changed and the patch in the url > below

Re: ipfw error in last stable version freebsd 8

On Thu, Apr 01, 2010 at 04:50:45AM -0300, Ass.Tec. Matik wrote: > > seems to be some more confusion > > > 2 rule > . other rules > 01000 rule > . other rules > 00100 allow ip from any to any via lo0 > 0 ip from any to any > > > the last as I said in my former msg but the #00

Re: ipfw error in last stable version freebsd 8

On Wed, Mar 31, 2010 at 03:47:49PM -0300, Ass.Tec. Matik wrote: > > > > it means that you are probably using a new kernel and an old /sbin/ipfw. > > The new ipfw/dummynet has a different kernel/userland API to accommodate > > some new features, and the kernel has a compatibility layer to translat

Re: ipfw error in last stable version freebsd 8

On Wed, Mar 31, 2010 at 08:43:02PM +0400, Evgenii Davidov wrote: > > > Dear Luigi, what is the meaning of this messages: > > Mar 31 00:33:04 i1 kernel: ip_dn_ctl dummynet: compat option 60 > Mar 31 00:33:04 i1 kernel: ip_dummynet_compat setting compatibility with > FreeBSD 8 it means that you

Re: ipfw error in last stable version freebsd 8

On Tue, Mar 30, 2010 at 04:09:58PM -0300, Adailton Milhorini wrote: > Hi, > > I upgrade my server with last freebsd 8 stable, and before this my > server is denied all packets with ipfw... > > searching in log/messages i found this lines... > > Mar 30 15:14:40 saturno kernel: ipfw: ouch!, skip

Re: dummynet error in last stable version

On Thu, Mar 25, 2010 at 03:00:01PM -0300, Adailton Milhorini wrote: > Hi, > > i use this rules for my bandwidth control, and after update my freebsd > in last days, show any error for me.. > my rule > ># ipfw pipe 10 config mask dst-ip 0x bw 900Kbit/s queue 90Kbit/s > > errors in d

Re: ipfw: missing action

On Wed, Mar 24, 2010 at 03:22:40PM -0700, Michael Sierchio wrote: > I'm really distressed about the state of ipfw development. Is there no test > harness? Rather than becoming more mature and stable, I think it's in the > weeds these days. Yeah, really disgusting :) I am sorry, there is no comp

Re: r205511 - ipfw.ko has unresolved symbols

On Wed, Mar 24, 2010 at 10:48:07AM -0400, Alexander Wittig wrote: > Hello > > Since the r205511 commit to 8-Stable my kernel can't load ipfw.ko any > more. The error message in dmsg is: > > kernel: link_elf_obj: symbol ipfw_dyn_attach undefined > kernel: linker_load_file: Unsupported file type >

Re: Small problem with "ipfw list"

On Mon, Mar 15, 2010 at 07:57:24PM +0100, Oliver Fromme wrote: > > Luigi Rizzo wrote: > > On Tue, Mar 09, 2010 at 03:36:15PM +0100, Oliver Fromme wrote: > > > Hi, > > > > > > Just a question: Is the output from "ipfw list" supposed > &

Re: Small problem with "ipfw list"

On Tue, Mar 09, 2010 at 03:36:15PM +0100, Oliver Fromme wrote: > Hi, > > Just a question: Is the output from "ipfw list" supposed > to be in the same rule format that is accepted as input? > If that's the case, then there is a small bug: > > # ipfw add 100 allow ip from any to '{' 1.1.1.1 or 2.2

Re: dummynet cpu usage

On Fri, Mar 12, 2010 at 06:34:29PM +0300, Evgenii Davidov wrote: > Dear Luigi, > > i've moved from RELENG_8 to RELENG_8_0 and now have a lot of idle cpu again: > > 0 root -680 0K72K - 0 0:31 0.00% {dummynet} > > 00030 2671994 474106017 pipe 6 ip from table(111) to a

Re: Small problem with "ipfw list"

On Wed, Mar 10, 2010 at 12:20:33PM +0100, Oliver Fromme wrote: > Luigi Rizzo wrote: > > On Tue, Mar 09, 2010 at 03:36:15PM +0100, Oliver Fromme wrote: > > > Just a question: Is the output from "ipfw list" supposed > > > to be in the same rule format that i

Re: Small problem with "ipfw list"

On Tue, Mar 09, 2010 at 03:36:15PM +0100, Oliver Fromme wrote: > Hi, > > Just a question: Is the output from "ipfw list" supposed > to be in the same rule format that is accepted as input? it is not, partly due to backward compatibility. If you try "ipfw -c show" then you might have better luck

Re: dummynet: waking up pipe

On Fri, Jan 22, 2010 at 07:42:46PM +0300, Evgenii Davidov wrote: > , > > On Fri, Jan 22, 2010 at 02:46:28PM +0100, Luigi Rizzo ?: > > > On Fri, Jan 22, 2010 at 04:35:35PM +0300, Evgenii Davidov wrote: > > ... > > > > > > my problem is

Re: Dummynet dynamic pipe per /29 network

On Fri, Jan 22, 2010 at 11:36:59AM -0200, Patrick Tracanelli wrote: > Hello, > > I use to have dyamic dummy pipes configure with 0x mask (per > host), 0x0000 mask, 0x00ff00 mask (some sort of /24 network) and > so on. However, I have tried to configure dynamic pipes for /29 network

Re: dummynet: waking up pipe

On Fri, Jan 22, 2010 at 04:35:35PM +0300, Evgenii Davidov wrote: ... > > > > my problem is that dummynet cpu usage jumps from 0 to 99%: > > > > > > > >33 root1 -68- 0K 8K - 1 512.6H 86.18% > > > > dummynet > > > >33 root1 -68- 0K 8K - 1

Re: dummynet: waking up pipe

On Fri, Jan 22, 2010 at 04:10:26PM +0300, Evgenii Davidov wrote: > , > > On Tue, Jan 12, 2010 at 02:05:39PM +0300, Evgenii Davidov ?: > > > hello > > > > when i enable net.inet.ip.dummynet.debug i get a lot of: > > > > Jan 12 13:53:32 r2 kernel: dummynet: waking up pipe 1380 at

Re: Unified rc.firewall ipfw me/me6 issue

On Sun, Jan 17, 2010 at 12:04:43PM +0100, Luigi Rizzo wrote: > On Sun, Jan 17, 2010 at 05:42:58PM +0900, Hajimu UMEMOTO wrote: > > Hi, > > > > >>>>> On Sun, 10 Jan 2010 19:52:32 +0100 > > >>>>> Luigi Rizzo said: > > > > ri

Re: Unified rc.firewall ipfw me/me6 issue

On Sun, Jan 17, 2010 at 05:42:58PM +0900, Hajimu UMEMOTO wrote: > Hi, > > >>>>> On Sun, 10 Jan 2010 19:52:32 +0100 > >>>>> Luigi Rizzo said: > > rizzo> We only need one 'me' option that matches v4 and v6, because the > rizzo>

Re: RFC: new ipfw options

On Sun, Jan 10, 2010 at 11:55:54PM -0800, Julian Elischer wrote: > Maxim Ignatenko wrote: > >2009/12/9 Luigi Rizzo : > >>3. a hash version of 'table's > >> > >> Right now ipfw tables are implented as routing tables, which is > >> great

  1   2   >