Kazi A. Sharif wrote:
Hello Thomas,
Thanks for the reply. It seems I am not in the right track. I used
Emerging Technologies commercial bandwidth manager. It was tested with
2000 rules and the total traffic was 25Mbps. It is build on UNIX OS.
Emerging technologies use FreeBSD. See the FAQ:
http://www.etinc.com/index.php?page=bwmgrfaq.htm
I heard that Allot is also able to use many rules. In Mikrotik we can
create Queue/Queue group/Firewall/IP based MRTG Graph/Time-based QoS
and they say that it is tested with Gigabit traffic.
My current requirement is bellow 100Mbps but there will have at least
4000 clients that means 4000 IPs. We use the packages 64, 96, 128,
256, 512, 1024/1024kbps and so on. We used to create 2 rules for each
user, one for bandwidth and another for firewall or MAC binding with IP.
After a lot of searching on IPFW+Dummynet I didn't find a good IP
based in/out traffic graphing way through SNMP or something like that,
I checked for Time-based QoS on IPFW+Dummynet and saw a patch but its
not granted, I wanted to use name with rule number but I don't think
uid/gid is what I was looking for.
So do you think there is a way to use IPFW+Dummynet using table to
reduce number of rules and for at least 100Mbps traffic? You may have
other suggestions to use Altq+PF or something similar.
I think I should spent time on this if my above requirements are
achievable.
Thanking
Sharif
Thomas Vogt wrote:
Hello
Am 20.07.2008 um 01:06 schrieb Kazi A. Sharif:
Hello Guys,
I was planning to install a heavy duty bandwidth manager for my ISP.
I went through some documentation and installed IPFW and Dummynet in
FreeBSD 7.0. Before I spent so much time on this I need to know the
limitations that are already noticed:
1. If we compare IPFW+Dummynet with Allot or Emerging Technologies
Bandwidth manager, how efficient is the IPFW+Dummynet?
2. Is it possible to control/throttle 800/900Mbps bandwidth using
recommended hardware?
We use something similiar to make sure that certain ip ranges always
get the best performance. Simulating some kind of QoS and set a max
bandwidth for everything.
We figured out that the limit with this Xeon is somewhere between
200-300Mbps with a few IPFW+Dummynet rules. We also tested a slower
quad cores but the performance was even worse. UP systems with fast
CPU where the best choice so far for us. At the moment our system
runs with 6.2 but to be honest i don't belive that the performance
gets trippled with FreeBSD 7.
Our hardware:
Intel(R) Xeon(TM) CPU 3.20GHz (3199.10-MHz 686-class CPU) and intel
em cards (<Intel(R) PRO/1000 Network Connection Version - 6.2.9).
In the past Ian Freislich mentioned at performance@ that AMD
Opterons are maybe faster because of the bigger L1 cache. You will
get less cache misses with it.
We could squeeze a bit more speed with ipfw table keyword. In
gerneral, the less rule you have the better performance you will get.
There is also an dummynet issue with FreeBSD 7.0. We just used
dummynet to limit a ftp server to 500Mpbs and had a lot of kernel
panics. Oleg Bulyzhin wrote a patch:
http://www.freebsd.org/cgi/query-pr.cgi?prp=113548-3-diff
As far as i know this patch is not included in 7.0-Release and i'm
not sure if it was ever commited to -stable or -head.
Regards,
Thomas Vogt
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
--
ONE THING KIDS LIKE is to be tricked. For instance, I was going to take
my little nephew to Disneyland, but instead I drove him to a burned-out
warehouse. "Oh, oh," I said. "Disneyland burned down." He cried and
cried, but I think that deep down he thought it was a pretty good joke.
I started to drive over to the real Disneyland, but it was getting
pretty late. -- Jack Handey, The New Mexican, 1988
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
