Why do these ipfw delayed pipes have no effect?

Posted by troutwine on Server Fault See other posts from Server Fault or by troutwine
Published on 2012-11-29T23:01:01Z Indexed on 2012/11/29 23:07 UTC
Read the original article Hit count: 355

Filed under:
|

I'm on OSX 10.7.5 and am attempting to add some latency to the connection to my personal domain with ipfw, using this article as a guide. Normal latency:

> ping -c5 troutwine.us                                 
PING troutwine.us (198.101.227.131): 56 data bytes
64 bytes from 198.101.227.131: icmp_seq=0 ttl=56 time=92.714 ms
64 bytes from 198.101.227.131: icmp_seq=1 ttl=56 time=91.436 ms
64 bytes from 198.101.227.131: icmp_seq=2 ttl=56 time=91.218 ms
64 bytes from 198.101.227.131: icmp_seq=3 ttl=56 time=91.451 ms
64 bytes from 198.101.227.131: icmp_seq=4 ttl=56 time=91.243 ms

--- troutwine.us ping statistics ---
5 packets transmitted, 5 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 91.218/91.612/92.714/0.559 ms

Enabling ipfw:

> sudo sysctl -w net.inet.ip.fw.enable=0
net.inet.ip.fw.enable: 1 -> 0

> sudo sysctl -w net.inet.ip.fw.enable=1
net.inet.ip.fw.enable: 0 -> 1

The configuration of the pipe:

> sudo ipfw add pipe 1 ip from any to 198.101.227.131   
00200 pipe 1 ip from any to any dst-ip 198.101.227.131

> sudo ipfw add pipe 2 ip from 198.101.227.131 to any
00500 pipe 2 ip from 198.101.227.131 to any

> sudo ipfw pipe 1 config delay 250ms bw 1Mbit/s plr 0.1

> sudo ipfw pipe 2 config delay 250ms bw 1Mbit/s plr 0.1

The pipes are in place and configured:

> sudo ipfw -a list                                  
00100      166       14178 fwd 127.0.0.1,20559 tcp from any to me dst-port 80 in
00200        0           0 pipe 1 ip from any to 198.101.227.131
00300        0           0 pipe 2 ip from 198.101.227.131 to any
65535 37452525 32060610029 allow ip from any to any

> sudo ipfw pipe list                                
00001:   1.000 Mbit/s  250 ms   50 sl.plr 0.100000 0 queues (1 buckets) droptail
    mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000
00002:   1.000 Mbit/s  250 ms   50 sl.plr 0.100000 0 queues (1 buckets) droptail
    mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000

Yet, this has had no effect:

> ping -c5 troutwine.us                              
PING troutwine.us (198.101.227.131): 56 data bytes
64 bytes from 198.101.227.131: icmp_seq=0 ttl=56 time=100.920 ms
64 bytes from 198.101.227.131: icmp_seq=1 ttl=56 time=91.648 ms
64 bytes from 198.101.227.131: icmp_seq=2 ttl=56 time=91.777 ms
64 bytes from 198.101.227.131: icmp_seq=3 ttl=56 time=91.466 ms
64 bytes from 198.101.227.131: icmp_seq=4 ttl=56 time=93.209 ms

--- troutwine.us ping statistics ---
5 packets transmitted, 5 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 91.466/93.804/100.920/3.612 ms

What gives? I understand that ipfw is depreciated, but the manpage does not mention it being disabled. Also, I am not using Network Link Controller as I want to affect a single host.

© Server Fault or respective owner

Related posts about macosx

Related posts about ipfw