Log in

No account? Create an account
'Twas brillig, and the slithy toves did gyre and gimble in the wabe [entries|archive|friends|userinfo]

[ website | Beware the Jabberwock... ]
[ deviantArt | the-boggyb ]
[ FanFiction | Torkell ]
[ Tumblr | torkellr ]

[Random links| BBC news | Vulture Central | Slashdot | Dangerous Prototypes | LWN | Raspberry Pi]
[Fellow blogs| a Half Empty Glass | the Broken Cube | The Music Jungle | Please remove your feet | A letter from home]
[Other haunts| Un4seen Developments | Jazz 2 Online | EmuTalk.net | Feng's shui]

On IPCop and traffic shaping [Tuesday 19th June 2007 at 1:46 pm]

[Tags|, , , ]
[Where |Brighton, England]
[Feeling |annoyedannoyed]
[Playing |Talk ~ Coldplay/X&Y]

Today's discovery: IPCop's traffic shaping is really odd.

About a year ago, I set up traffic shaping at 10240 kbits/sec down, 448 kbits/sec up and forget about it.

Today, I was puzzling over why the slower ADSL2+ connection (3.5Mb/s down, 1.2Mb/s up) actually performed better than the ntl cable (rated for 10Mb/s down, 512kb/s up, in practice about 4Mb/s down) and realised that all testing with ADSL2+ had excluded the IPCop firewall. So I disable the traffic shaping on a whim, and download speeds doubled.

Testing with Virgin Media's FTP server, I just managed to download a 252MB file in about 6 minutes 30 seconds. That's 6.55Mb/s. That's about 2Mb/s more than we generally get from this connection.

Right, anyone know how to set up IPCop traffic shaping such that it doesn't suck?
Link | Previous Entry | Share | Next Entry[ 3 pennies | Penny for your thoughts? ]

From: pewterfish
Tuesday 19th June 2007 at 1:57 pm (UTC)
...dare I even ask how much our throughput has jumped? Does that explain the flat spots on the graph, by any chance?

Anything else you'd like to tell me about my network core?
(Reply) (Thread)
[User Picture]From: boggyb
Tuesday 19th June 2007 at 2:08 pm (UTC)
What, about the backdoor hidden in trinity? Oops, shouldn't have told you that :P

A quick speed test with speedtest.net to London showed more than double the downstream bandwidth and a slight increase on upstream. Will saw a significant increase on bittorrent and the like as well.

Not sure about the flat spots - it's not been long enough to tell if this was tha cause of the outages, but given IPCop's recent flakiness in general it could be related. I've never been quite sure just what was failing when the connection dropped.

I'm still not sure how the traffic shaping actually caused this. About the only theories I can come up with are "the web interface is changing the wrong values" or "the traffic shaper is broken". Possibly the traffic shaper doesn't work once the speed rises above a certain point? Unfortuantly the web interface doesn't say on which interfaces the shaper is applied, or in which direction.

...thinking about it, if the shaper is shaping *all* traffic (not just green--red, but green--black as well), then this could explain problems in connecting to ipcop if the shaper is throttling back too much.

This is all conjecture - to actually know what's going on I'd need to know how the shaper actually works, and how well it copes with large amounts of traffic.
(Reply) (Parent) (Thread)
From: pewterfish
Tuesday 19th June 2007 at 2:14 pm (UTC)
Distinctly possible. I submit that the traffic shaper stays off for the forseeable, and instead I grant non-exclusive, optionally concurrent LARTing priviledges upon people affected by inconsiderate users.

And the core is overdue for an audit, but I've been busy. Once continuity is finished and running, I think I'll get on that. Check for rogue servers, check for unexplainable activity, then set up a network-wide monitoring system based on Zenoss or Nagios.

Probably. If I have time.

*mutters about 'time'*
(Reply) (Parent) (Thread)