dummynet (user confused)
I am somewhat confuse on *how* to really use dummynet for bandwidth limitation. Im my (mis)understanding, ipfw functions act in a 'hit and run' way, say: the first one which corresponds to 'this' packet will be the only to be followed, there are no new verification on this packet with the next rule. dummynet needs ipfw to build a pipe.. but if this rule is hit does it means that any other will have no effect at all?? what are the correct order to run in the following situation: ipfilter and ipnat for these things. ipfw with dummynet for the following: machine 192.168.1.xa and machne 192.168.1.xb will have full bandwidth while machines in the 192.168.1.0/24 (except xa and xb) will have bandwidth limited to 8 kb/s. I ask you to please at least clarify on how to get such thing running. Pointing me to a 'real world' user url will be great!! saudações, irado furioso com tudo GNU/Linux user CASSADO nossa solidariedade é inversamente proporcional às nossas posses por favor, clique aqui: http://www.thehungersite.com e aqui também: http://cf6.uol.com.br/umminuto/ Nettaxi would like to ask for your help in donations to the RED CROSS today! http://www.nyredcross.org/donate/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message
Re: unused interfaces in if_var.h
-On [20011102 02:30], Luigi Rizzo ([EMAIL PROTECTED]) wrote: >Would people object to doing a similar change to the code >in STABLE ? No, I wouldn't mind. -- Jeroen Ruigrok van der Werven/Asmodai asmodai@[wxs.nl|freebsd.org|xmach.org] Documentation nutter/C-rated Coder, finger [EMAIL PROTECTED] http://www.freebsd.org/doc/en_US.ISO8859-1/books/developers-handbook/ Take thy beak from out my heart and take thy form from off my door! To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message
Re: dummynet (user confused)
On Sun, 4 Nov 2001, [EMAIL PROTECTED] wrote: > Im my (mis)understanding, ipfw functions act in a 'hit and run' way, say: the first >one which corresponds to 'this' packet will be the only to be followed, there are no >new verification on this packet with the next rule. This is not always true...in some cases packet is passed again to the firewall code, starting from next rule. > dummynet needs ipfw to build a pipe.. but if this rule is hit does it means that any >other will have no effect at all?? When "pipe" action is found that correspondes with packet, it is passed to dummynet code and then packet is passed to the forewalling code again starting from next rule. > machine 192.168.1.xa and machne 192.168.1.xb will have full bandwidth while > machines in the 192.168.1.0/24 (except xa and xb) will have bandwidth limited to 8 >kb/s. Example 1: ipfw pipe 1 config bw 8Kbit/s ipfw pipe 2 config bw 8Kbit/s ipfw add pipe 1 ip from any to 192.168.1.xa ipfw add pipe 2 ip from any to 192.168.1.xb This will only limit downloads from machine a and machine b to 8Kbit/s Example 2: Machines a and b share bandwidth of 8Kbit/s ipfw pipe 1 config bw 8Kbit/s ipfw add pipe 1 ip from any to 192.168.1.xa ipfw add pipe 1 ip from any to 192.168.1.xb Example 3 (this is what you wanted): ipfw pipe 1 config bw 8Kbit/s mask dst-ip 0x00ff ipfw add accept ip from any to 192.168.1.xa ipfw add accept ip from any to 192.168.1.xb ipfw add pipe 1 ip from any to 192.168.1.0/24 With Regards, D. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message
Re: dummynet (user confused)
>This is not always true...in some cases packet is passed again to the >firewall code, starting from next rule. > > > dummynet needs ipfw to build a pipe.. but if this rule is hit does it >means that any other will have no effect at all?? > >When "pipe" action is found that correspondes with packet, it is passed to >dummynet code and then packet is passed to the forewalling code again >starting from next rule. ---> A small addition from the "man ipfw" This is the behaviour when "net.inet.ip.fw.one_pass" is not set. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message
Re: dummynet (user confused)
On Sun, Nov 04, 2001 at 04:06:38AM -0800, [EMAIL PROTECTED] wrote: > > I am somewhat confuse on *how* to really use dummynet for bandwidth limitation. > > Im my (mis)understanding, ipfw functions act in a 'hit and run' way, > say: the first one which corresponds to 'this' packet will be the only > to be followed, there are no new verification on this packet with the > next rule. you need to change the sysctl 'net.inet.ip.fw.one_pass'. see ipfw(8). -- - bill fumerola / [EMAIL PROTECTED] / [EMAIL PROTECTED] / [EMAIL PROTECTED] - my anger management counselor can beat up your self-affirmation therapist To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message
