Using FreeBSD's dummynet to Simulate Slow/Unreliable Networks
Here's an easy way to simulate unreliable networks using FreeBSD's
firewall. It allows you to control things like bandwidth, latency and packet
loss. It also works on Mac, Linux and Windows, although some features might not
work on all platforms (like shaping the traffic of a bridge in Linux).
More details about dummynet can be obtained here:
Starting from a vanilla FreeBSD 9.1 install you'll need to first enable the
firewall before moving on. This is done by adding the following lines to
Note that the second line tells FreeBSD to load our own configuration file.
That file will simply contain a bunch of
ipfw commands as if they were
executed from the shell. We'll get back to that later...
Next, you need to tell FreeBSD to load the actual module that is used to
implement the traffic shaping. You can load this module manually by calling
kldload dummynet or you can have it loaded automatically at boot time by
adding the following line to
Once this is done you can reboot your system and validate that both the
dummynet modules are loaded by running
Creating the pipe
This example is pretty simple: set given bandwidth/latency/... limits on a pipe
and pass all traffic through it. That is, all traffic from any interface. If
you wanted to specify dedicated interfaces or more granular control, you would
do so by using less generic rules in the various
The next step is setting up the actual firewall rules. Here we're setting up a pipe that will affect all traffic by adding a delay of 100ms, dropping 10% of the packets and limiting the bandwidth to 256Kbit/s.
ipfw -q -f flush ipfw pipe 1 config delay 100ms plr 0.1 bw 256Kbit/s ipfw add 100 pipe 1 all from any to any
That should be it. You should now be able to test the additional delay and
packet loss by running something like
ping www.google.com and by looking at
To view details about the current rules, you can use
ipfw list and
ipfw pipe list.
This is really just scratching the surface of a very powerful tool. See the man
ipfw for all the possible configuration options.