Limiter overflowing when using to Reduce Stress on Switch



  • Edit: I guess my real  question is: Is there a way to make the limiter start dropping packets once it reaches a certain bandwidth/rate? I don't like having to drop 15% of packets across the board if there isn't a need.

    Hello,

    We have a gigabit connection, but one of our subnets is bottlenecked thru a 10/100 switch, (and it's capp'd of course) and the retransmissions + errors were causing havoc on the firewall, so I implemented a limiter to handle it.

    This is working great, except the limiter is overflowing. Since data download is constantly above the limited rate (76Mb/s), the limiter is building and building, current output of ipfw pipe show:

    00001:  76.000 Mbit/s    0 ms burst 0
    q131073  50 sl. 0 flows (1 buckets) sched 65537 weight 0 lmax 0 pri 0 droptail
     sched 65537 type FIFO flags 0x0 0 buckets 1 active
      0 ip           0.0.0.0/0             0.0.0.0/0       92     9991  0    0   0
    00002:  76.000 Mbit/s    0 ms burst 0
    q131074  50 sl. 0 flows (1 buckets) sched 65538 weight 0 lmax 0 pri 0 droptail
     sched 65538 type FIFO flags 0x0 0 buckets 1 active
      0 ip           0.0.0.0/0             0.0.0.0/0     17126123 23700922965 41 57062 3416184
    

    You can see the bottom limiter just keeps growing and growing, currently over 23Gb, how can I control this? I'm thinking of dropping packets, but how do i know how many to drop, and is that really the best solution, dropping packets? Or can I somehow force the clients to get less information so the limiter doesn't overflow.


Log in to reply