DragonFly BSD
DragonFly users List (threaded) for 2013-04
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

Re: Dummynet + PF + vkernel


From: Raimundo Santos <raitech@xxxxxxxxx>
Date: Sat, 13 Apr 2013 11:19:07 -0300

--089e01184d740b515604da3eb556
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Hi Antonio!

Well, there is not much to miss ;) - it is an ISP which uses wireless to
distribute internet, which in turns do not allow us to control the
bandwidth limit over the medium in a trusted way. Therefore, we need to
limit this traffic in some way, and the actual way is with linux(iptables +
tc), but it is hard to maintain - and almost everything is manualy
controled 0_o (I am new at this job)

A really liked the PF syntax, it is clean and easy to read - even more
within the match keyword that is new in OpenBSD >=3D 4.7. But the queuing
methods implemented in PF do not let to share the bandwitdh in an
overbooking fashion, which is crucial to an ISP. The only way is to divide
the queues to share bandwidth in a manner that do not surpass the total.

By now, I am putting my chips in FreeBSD ipfw integration with ALTQ, in a
way that the packets are limited by pipe and queued with HFSC in ALTQ. But
I really dislike the syntax of ipfw, it reminds me of iptables.

Cheers!


On 12 April 2013 18:13, Antonio Huete Jimenez <tuxillo@quantumachine.net>wr=
ote:

> **
>  Hi Raimundo,
>
>  I don't think vkernels are up to the task currently. In my
> experience/opinion they are not stable and fast enough now for what you a=
re
> intending to do.
>  Maybe I am just missing some details of your setup.
>
>  Cheers,
>  Antonio Huete
>
> El 12 de abril de 2013 a las 17:14 Raimundo Santos <raitech@gmail.com>
> escribi=F3:
>
>  On 12 April 2013 02:58, Sepherosa Ziehau <sepherosa@gmail.com> wrote:
>
>
> You could use ALTQ fairq w/ PF, which is similar to dummynet's WF2Q
>
> Best Regards,
> sephe
>
> --
> Tomorrow Will Never Die
>
>
> Hum... but I need to do a hard limiting to all my customers. They have a
> unique IP address, so I can decide about the bandwidth (here, we are abou=
t
> to implement RADIUS to do auth too). The ideia here is to
>
>  1. limit external in/out traffic
>  2. do QoS over this limited traffic
>
>  I have an average of 600 clients at the same time, so I think that FAIRQ
> could be a good thing but not to hard limiting every IP.
>
>  If I offer three kinds of bandwidth to my customers, may I define three
> subclasses in FAIRQ and let the traffic of the right kinds go through the
> right queues? I think it does not work: if someone is hogging that queue,
> what the others will end up with?
>
> --
> --------------------------------------------
> Raimundo A. P. Santos
> Bacharelando em Inform=E1tica
> ICMC - USP
>
>
>
>



--=20
--------------------------------------------
Raimundo A. P. Santos
Bacharelando em Inform=E1tica
ICMC - USP

--089e01184d740b515604da3eb556
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">Hi Antonio!<div><br></div><div style>Well, there is not mu=
ch to miss ;) - it is an ISP which uses wireless to distribute internet, wh=
ich in turns do not allow us to control the bandwidth limit over the medium=
 in a trusted way. Therefore, we need to limit this traffic in some way, an=
d the actual way is with linux(iptables + tc), but it is hard to maintain -=
 and almost everything is manualy controled 0_o (I am new at this job)</div=
>

<div style><br></div><div style>A really liked the PF syntax, it is clean a=
nd easy to read - even more within the match keyword that is new in OpenBSD=
 &gt;=3D 4.7. But the queuing methods implemented in PF do not let to share=
 the bandwitdh in an overbooking fashion, which is crucial to an ISP. The o=
nly way is to divide the queues to share bandwidth in a manner that do not =
surpass the total.</div>

<div style><br></div><div style>By now, I am putting my chips in FreeBSD ip=
fw integration with ALTQ, in a way that the packets are limited by pipe and=
 queued with HFSC in ALTQ. But I really dislike the syntax of ipfw, it remi=
nds me of iptables.</div>

<div style><br></div><div style>Cheers!</div></div><div class=3D"gmail_extr=
a"><br><br><div class=3D"gmail_quote">On 12 April 2013 18:13, Antonio Huete=
 Jimenez <span dir=3D"ltr">&lt;<a href=3D"mailto:tuxillo@quantumachine.net"=
 target=3D"_blank">tuxillo@quantumachine.net</a>&gt;</span> wrote:<br>

<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex"><u></u>
   =20
 <div>
=20
 =20
=20
=20
  <div>
   Hi Raimundo,
  </div>=20
  <div>
   =A0
  </div>=20
  <div>
   I don&#39;t think vkernels are up to the task currently. In my experienc=
e/opinion they are not stable and fast enough now for what you are intendin=
g to do.
  </div>=20
  <div>
   Maybe I am just missing some details of your setup.
  </div>=20
  <div>
   =A0
  </div>=20
  <div>
   Cheers,
  </div>=20
  <div>
   Antonio Huete
  </div>=20
  <blockquote style=3D"margin-left:0px;padding-left:10px;border-left:solid =
1px blue" type=3D"cite">
   El 12 de abril de 2013 a las 17:14 Raimundo Santos &lt;<a href=3D"mailto=
:raitech@gmail.com" target=3D"_blank">raitech@gmail.com</a>&gt; escribi=F3:
   <br><div><div class=3D"h5">
   <br>=20
   <div dir=3D"ltr">
    On 12 April 2013 02:58, Sepherosa Ziehau=20
    <span>&lt;<a href=3D"mailto:sepherosa@gmail.com"; target=3D"_blank">seph=
erosa@gmail.com</a>&gt;</span> wrote:
    <br>=20
    <div class=3D"gmail_extra">=20
     <div class=3D"gmail_quote">=20
      <blockquote style=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;pad=
ding-left:1ex">=20
       <div>
        =A0
       </div> You could use ALTQ fairq w/ PF, which is similar to dummynet&=
#39;s WF2Q
       <br>=20
       <br> Best Regards,
       <br> sephe
       <br>=20
       <br> --
       <br> Tomorrow Will Never Die
      </blockquote>=20
     </div>=20
     <br>Hum... but I need to do a hard limiting to all my customers. They =
have a unique IP address, so I can decide about the bandwidth (here, we are=
 about to implement RADIUS to do auth too). The ideia here is to
    </div>=20
    <div class=3D"gmail_extra">
     =A0
    </div>=20
    <div class=3D"gmail_extra">
     1. limit external in/out traffic
    </div>=20
    <div class=3D"gmail_extra">
     2. do QoS over this limited traffic
    </div>=20
    <div class=3D"gmail_extra">
     =A0
    </div>=20
    <div class=3D"gmail_extra">
     I have an average of 600 clients at the same time, so I think that FAI=
RQ could be a good thing but not to hard limiting every IP.
    </div>=20
    <div class=3D"gmail_extra">
     =A0
    </div>=20
    <div class=3D"gmail_extra">
     If I offer three kinds of bandwidth to my customers, may I define thre=
e subclasses in FAIRQ and let the traffic of the right kinds go through the=
 right queues? I think it does not work: if someone is hogging that queue, =
what the others will end up with?=A0
     <br clear=3D"all">=20
     <div>
      =A0
     </div> --=20
     <br>--------------------------------------------
     <br>Raimundo A. P. Santos
     <br>Bacharelando em Inform=E1tica
     <br>ICMC - USP
    </div>=20
   </div>=20
  </div></div></blockquote>=20
  <div>
   <br>=A0
  </div>
=20
</div></blockquote></div><br><br clear=3D"all"><div><br></div>-- <br>------=
--------------------------------------<br>Raimundo A. P. Santos<br>Bacharel=
ando em Inform=E1tica<br>ICMC - USP
</div>

--089e01184d740b515604da3eb556--



[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]