DESCRIPTION

The system facility permits the control of traffic going through the various network interfaces, by applying bandwidth and queue size limitations, implementing different scheduling and queue management policies, and emulating delays and losses.

The user interface for is implemented by the ipfw(8) utility, so please refer to the ipfw(8) manpage for a complete description of the capabilities and how to use it.

Kernel Options

The following options in the kernel configuration file are related to operation:

IPFIREWALL

enable ipfirewall (required for )

IPFIREWALL_VERBOSE

enable firewall output

IPFIREWALL_VERBOSE_LIMIT

limit firewall output

DUMMYNET

enable operation

HZ

set the timer granularity

Generally, the following options are required:

options IPFIREWALL
options DUMMYNET
options HZ=1000         # strongly recommended

Additionally, one may want to increase the number of mbuf clusters (used to store network packets) according to the sum of the bandwidth-delay products and queue sizes of all configured pipes.

HISTORY

The facility was initially implemented as a testing tool for TCP congestion control by An Luigi Rizzo Aq [email protected] , as described on ACM Computer Communication Review, Jan.97 issue. Later it has been modified to work at the IP and bridging levels, integrated with the ipfw(4) packet filter, and extended to support multiple queueing and scheduling policies.