Half Bandwidth??? ipfw/dummynet *RESOLVED*

[randal]

Okay, this question is for you BSD people. I have a box setup here that is serving PPPoE, and when a user connects, /etc/ppp/ppp.linkup is ran. This file is setup to 1) cross reference a username to a customer bandwidth and 2) use those settings to traffic shape their connection.

The file is /etc/ppp/users.conf, formatted like so:
joesixpack 256 256

/etc/ppp/addclient.sh (ran by ppp.linkup):

usernum=`grep -n ""$user"" /etc/ppp/users.conf | cut -d":" -f1`
inkbps=`grep ""$user"" /etc/ppp/users.conf | cut -d" " -f2`
outkbps=`grep ""$user"" /etc/ppp/users.conf | cut -d" " -f3`

pipein=`echo "$usernum"*2 | bc`
pipeout=`expr $pipein + 1`
fwrulein=`expr $pipein + 1000`
fwruleout=`expr $fwrulein + 1`

$fwcmd pipe $pipein config bw ${inkbps}Kbit/s
$fwcmd pipe $pipeout config bw ${outkbps}Kbit/s
$fwcmd add $fwrulein pipe $pipein ip from any to $clientip
$fwcmd add $fwruleout pipe $pipeout ip from $clientip to any

This *DOES* add in the appropriate things to IPFW. A quick ipfw show gives me:
01002 5544 4920726 pipe 2 ip from any to 192.168.1.53
01003 4289 383102 pipe 3 ip from 192.168.1.53 to any
65535 0 0 deny ip from any to any

and ipfw pipe show gives me:
00002: 256.000 Kbit/s 0 ms 50 sl. 1 queues (1 buckets) droptail
00003: 256.000 Kbit/s 0 ms 50 sl. 1 queues (1 buckets) droptail

So, ipfw sure thinks that it's giving me 256kbps. Here in the lab though, my actual throughput is exactly 128kbps.

Any ideas?
randal

 

[randal]

Fortunately, one of the huge @##holes from EFNet#FreeBSD took time out of his hostile life to point out that the lack of "out" and "in" modifiers cause the packets to get matched twice. Apparently this behaviour cuts the bandwidth in half, and applying the out/in fixes the issue.

randal

*irritated at god-complex unix people*

 

[skyking]

get irritated all you want, but do me a favor, and post the right config for me to see, please

 

[randal]

/etc/ppp.conf
default:
set log Chat Command Phase
enable chap pap
allow mode direct
enable proxy
disable ipv6cp
set mru 1472
set mtu 1472
set ifaddr 192.168.1.102 192.168.1.50-192.168.1.59
set radius /etc/radius.conf
accept dns

/etc/ppp/ppp.linkup
default:
bg /etc/ppp/addclient.sh USER connect INTERFACE HISADDR MYADDR

/etc/ppp/addclient.sh
#!/bin/sh
user=$1
type=$2
int=$3
clientip=$4
serverip=$5
fwcmd=/sbin/ipfw

usernum=`grep -n ""$user"" /etc/ppp/users.conf | cut -d":" -f1`
inkbps=`grep ""$user"" /etc/ppp/users.conf | cut -d" " -f2`
outkbps=`grep ""$user"" /etc/ppp/users.conf | cut -d" " -f3`

pipein=`echo "$usernum"*2 | bc`
pipeout=`expr $pipein + 1`
fwrulein=`expr $pipein + 1000`
fwruleout=`expr $fwrulein + 1`
fwholein=`expr $pipein + 33000`
fwholeout=`expr $fwholein + 1`

$fwcmd pipe $pipein config bw ${inkbps}Kbit/s
$fwcmd pipe $pipeout config bw ${outkbps}Kbit/s
$fwcmd add $fwrulein pipe $pipein ip from any to $clientip in
$fwcmd add $fwruleout pipe $pipeout ip from $clientip to any out
$fwcmd add $fwholein permit ip from any to $clientip
$fwcmd add $fwholeout permit ip from $clientip to any


This is a totally working PPPoE setup for our wireless deployment ... it conforms to what I like to call WARTA: Wireless Authentication, Routing, Traffic Control and Accounting. Using pppoed/ppp + ipfw/dummynet makes all of those happen ... it's pretty hot, if I do say so myself (not being a *nix person).

cheers,
randal

 

[skyking]

quite hot, IMO!
nice

 

[Barnaby W. Füi]

Randal -- you wrote this? Wow, cool (I was reading your paper and the "efnet #freebsd a-hole" thing reminded me of.. *someone* on AT recently, searched, and remembered it was you

 

[randal]

Yea, I wrote that article ... it got posted up on Slashdot earlier today under A Solution for Making WiFi Cost Effective.

That article is getting syndicated all around the net as we speak ... 44,000 hits to the HTML version and counting

Cheers,
randal

 

[Barnaby W. Füi]

Yep, saw it on slashdot.

 

[RossMAN]

Whoa