Stephan Balmer wrote at 2010-02-13 04:52 -0600: > > So, Stephan must have been meant ingress shaping (delaying packets?) and I > > assumed he meant ingress policing. Is there a significant reason to use > > shaping rather than policing? Yes, policing drops valid packets, but TCP will > > cause that anyway before backing off sending. > > Sorry for the confusion. Yes, I meant shaping. Maybe policing is better than > nothing, definitely try it out and tell us :-) Yeah, I plan to try out policing; I'll do some testing sometime hopefully and see if I notice any difference. > But there is a reason to buffer packets instead of dropping them: > Dropping packets kills TCP throughput. Buffering packets gives TCP connections > a way to figure out the appropriate rate. Don't ask me to explain because I > don't understand much about it myself. Ask Google about TCP flow rate and > congestion control to get an idea. > > If you use a hash bucket queue or similar for buffering, each connection > basically gets its own buffer, so that trickling traffic like SSH does not > get delayed in long buffers. And real-time traffic like phone calls prefer > 10% dropped packets over 100% delayed packets so they need their own > mini-queues. Okay, that makes sense.
Description: Digital signature