Quoting "Ronnel P. Maglasang" <[EMAIL PROTECTED]>:
Александр Шевченко wrote:
Using ipfw+dummynet you could easily limit bandwidth per ip:
$IPFW pipe 4 config bw 50KByte/s mask dst-ip 0x000003ff
$IPFW pipe 7 config bw 50KByte/s mask src-ip 0x000003ff
$IPFW add pipe 4 ip from any to 172.16.16.0/22 via fxp0 in
$IPFW add pipe 7 ip from 172.16.16.0/22 to any via fxp0 out
Using pf+altq you could limit easily bandwith for all clients:
altq on $int_if cbq bandwidth 1000Mb queue { powernet_local, powernet_inet }
queue powernet_local bandwidth 95% cbq(default)
queue powernet_inet bandwidth 40Mb
pass out on $int_if from <neighbors_net> to <internal_net> queue
powernet_local
pass out on $int_if from !<neighbors_net> to <internal_net> queue
powernet_inet
But you could not limit bandwidth per ip using PF.
why not? you create pf+altq equivalent rules for ipfw+dummynet rules.
you may look at policy based filtering if needed. you just have to play
with "tag" and "tagged" directives.
I don't remember why but for some reason I have the idea that pf+altq
is not bidirectional. Am I mistaken?
Thanks,
ed
Ryan McBride wrote in
it.listserv.openbsd-pf(http://groups.google.com/group/bit.listserv.openbsd-p
f/msg/512d1eba9683cea6?hl=ru&dmode=source)
P.S. By the way, no chance to shaping like ipfw(dummynet), by getting
mask for all ip addresses? It's the last reason to stay with ipfw:
No, there is nothing like this in PF right now. It's on my list of
things to look at, but that list grows faster than I can get things
done...
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Andrei Kolu
Sent: Tuesday, December 02, 2008 11:42 AM
To: Peter Jeremy; freebsd-pf@freebsd.org; [EMAIL PROTECTED]
Subject: Re: PF + ALTQ - Bandwidth per customer
ipfw+dummynet is really ugly traffic "shaper" (let's face it there
is no shaping going on), because instead of limiting bandwidth it
will drop packets to simulate bad connection. I hear many years
about "trivial" configuration per user bandwidth limit with pf+altq
but never saw ANY code... You can't set bandwidth limit with PF
like 3Mbit per 100 clients if your lan card is 100Mbit. This is
just lame- in reality clients never use all bandwidth and never all
clients are connected all the time. Even Linux ipfilter does it for
years with insane cryptic commandline but it just works.
_______________________________________________
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
_______________________________________________
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
_______________________________________________
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
