diff options
author | David Malone <dwmalone@FreeBSD.org> | 2008-02-27 13:52:33 +0000 |
---|---|---|
committer | David Malone <dwmalone@FreeBSD.org> | 2008-02-27 13:52:33 +0000 |
commit | 2b2c3b23d19b198af63b51c707e6dc21caa1b032 (patch) | |
tree | b1105715418f1a9b9ce229ae138ba7e4599e9a8c /sbin/ipfw | |
parent | 64da64c3f78ea71cd75055ddb0814a416eda2d1d (diff) | |
download | src-2b2c3b23d19b198af63b51c707e6dc21caa1b032.tar.gz src-2b2c3b23d19b198af63b51c707e6dc21caa1b032.zip |
Dummynet has a limit of 100 slots queue size (or 1MB, if you give
the limit in bytes) hard coded into both the kernel and userland.
Make both these limits a sysctl, so it is easy to change the limit.
If the userland part of ipfw finds that the sysctls don't exist,
it will just fall back to the traditional limits.
(100 packets is quite a small limit these days. If you want to test
TCP at 100Mbps, 100 packets can only accommodate a DBP of 12ms.)
Note these sysctls in the man page and warn against increasing them
without thinking first.
MFC after: 3 weeks
Notes
Notes:
svn path=/head/; revision=176626
Diffstat (limited to 'sbin/ipfw')
-rw-r--r-- | sbin/ipfw/ipfw.8 | 14 | ||||
-rw-r--r-- | sbin/ipfw/ipfw2.c | 23 |
2 files changed, 32 insertions, 5 deletions
diff --git a/sbin/ipfw/ipfw.8 b/sbin/ipfw/ipfw.8 index fa7a0c54ee06..779600544e54 100644 --- a/sbin/ipfw/ipfw.8 +++ b/sbin/ipfw/ipfw.8 @@ -1971,6 +1971,13 @@ or 20s of queue on a 30Kbit/s pipe. Even worse effects can result if you get packets from an interface with a much larger MTU, e.g.\& the loopback interface with its 16KB packets. +The +.Xr sysctl 8 +variables +.Em net.inet.ip.dummynet.pipe_byte_limit +and +.Em net.inet.ip.dummynet.pipe_slot_limit +control the maximum lengths that can be specified. .Pp .It Cm red | gred Ar w_q Ns / Ns Ar min_th Ns / Ns Ar max_th Ns / Ns Ar max_p Make use of the RED (Random Early Detection) queue management algorithm. @@ -2190,6 +2197,13 @@ will be expired even when .It Va net.inet.ip.dummynet.red_max_pkt_size : No 1500 Parameters used in the computations of the drop probability for the RED algorithm. +.It Va net.inet.ip.dummynet.pipe_byte_limit : No 1048576 +.It Va net.inet.ip.dummynet.pipe_slot_limit : No 100 +The maximum queue size that can be specified in bytes or packets. +These limits prevent accidental exhaustion of resources such as mbufs. +If you raise these limits, +you should make sure the system is configured so that sufficient resources +are available. .It Va net.inet.ip.fw.autoinc_step : No 100 Delta between rule numbers when auto-generating them. The value must be in the range 1..1000. diff --git a/sbin/ipfw/ipfw2.c b/sbin/ipfw/ipfw2.c index 91e79324e75b..d9375995e67e 100644 --- a/sbin/ipfw/ipfw2.c +++ b/sbin/ipfw/ipfw2.c @@ -4341,11 +4341,25 @@ end_mask: errx(EX_DATAERR, "weight must be <= 100"); } if (p.fs.flags_fs & DN_QSIZE_IS_BYTES) { - if (p.fs.qsize > 1024*1024) - errx(EX_DATAERR, "queue size must be < 1MB"); + size_t len; + long limit; + + len = sizeof(limit); + if (sysctlbyname("net.inet.ip.dummynet.pipe_byte_limit", + &limit, &len, NULL, 0) == -1) + limit = 1024*1024; + if (p.fs.qsize > limit) + errx(EX_DATAERR, "queue size must be < %ldB", limit); } else { - if (p.fs.qsize > 100) - errx(EX_DATAERR, "2 <= queue size <= 100"); + size_t len; + long limit; + + len = sizeof(limit); + if (sysctlbyname("net.inet.ip.dummynet.pipe_slot_limit", + &limit, &len, NULL, 0) == -1) + limit = 100; + if (p.fs.qsize > limit) + errx(EX_DATAERR, "2 <= queue size <= %ld", limit); } if (p.fs.flags_fs & DN_IS_RED) { size_t len; @@ -4363,7 +4377,6 @@ end_mask: len = sizeof(int); if (sysctlbyname("net.inet.ip.dummynet.red_lookup_depth", &lookup_depth, &len, NULL, 0) == -1) - errx(1, "sysctlbyname(\"%s\")", "net.inet.ip.dummynet.red_lookup_depth"); if (lookup_depth == 0) |