How the Other Half Lives - Bandwidth Throttling on the Mac Using WaterRoof/ipfw

| Comments

Have you ever needed to test your website as if you were a dialup user? According to a Pew research study earlier this year 55% of Americans have broadband at home, and 10% still have dialup (with the remainder having no connectivity at home). This means that almost 20% of home browsers are on dialup. If you want to make sure that you’re app isn’t completely unusable for this population it could be useful to know how to slow your fat pipe down to dialup speeds.

Under the covers, Mac OSX uses a tool called “ipfw” (IP firewall) that allows for all kinds of fancy traffic shaping and piping. It’s a very unix tool though and it’s not the easiest thing to use if you’re not familiar with parsing through man pages.

There is a GUI called WaterRoof ( that makes things a little better, though it still isn’t the most intuitive thing.

Here are the steps to slow your connection down using WaterRoof.

  1. This is easiest if you have your browsers all shut down. It makes it easier to identify the right connection, though it’s not required.

  2. Load up WaterRoof, you’ll see the main control panel:

WaterRoof Control Panel

  1. Click on the “Net Connections” page to see all your current active connections:

Net Connections pane

  1. Start up firefox and go to the website you want to be slow (in this example, a QA box on a local intranet running the app on port 8080):

firefox connection

  1. Click update in the WaterRoof “net connections” page so it will now show the connection to your new server (in this example “qa01app01:8080”). It lists the IP, but because you don’t have any other browsers open, it’s easy to identify the connections to port 8080 (or port 80 if you’re going over the normal http port). Alternatively you can use a tool to identify the IP of the machine you’re hitting (such as dig/telnet) and then find it in the list.

Net Connections Update

  1. Highlight any one of the connections to port 8080 (as in the image above) and click “Block or limit selected connection” to get to the screen below. In that screen, enter a number in the “Bandwidth” box under “Limit connection BW”. I entered “3” to slow things down to 3 Kb/second (regular modem speed is normally between 3-7 Kb/second, depending on the wind). Then hit the “limit” button. You’ll need to enter your password.

Connection Inspector

  1. This will create a “pipe” and 2 “rules” (one for incoming, one for outgoing to the selected server) to limit the bandwidth (the top 2 rules in the image below). The 3rd rule in the image below is the default one that is always there (“allow ip from any to any”).

Pipe and Rules

You can now go back to your browser and hit “cmd-shift-R” to reload without cache and things should be much slower.

To get back to normal, you’ll want to delete the 2 rules and the pipe that were created (highlight each and hit the “-”).

This is an easy, repeatable way to slow down your connection on demand. There are quite a few other things that can be done with ipfw/waterroof. If you get a little deeper into it, it becomes pretty easy to put together little scripts that are doing all sorts of traffic shaping and forwarding on your mac.