From owner-freebsd-questions Tue Oct 16 4:11:44 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mip.co.za (puck.mip.co.za [209.212.106.44]) by hub.freebsd.org (Postfix) with ESMTP id 7110F37B408 for ; Tue, 16 Oct 2001 04:11:33 -0700 (PDT) Received: from patrick (patrick.mip.co.za [10.3.13.181]) by mip.co.za (8.9.3/8.9.3) with SMTP id NAA14728; Tue, 16 Oct 2001 13:11:10 +0200 (SAST) (envelope-from patrick@mip.co.za) From: "Patrick O'Reilly" To: "Kenneth Wayne Culver" , Subject: RE: dummynet configured. Date: Tue, 16 Oct 2001 13:15:11 +0200 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) In-Reply-To: Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG What I have done is simple, but it places a permanent restriction on FTP etc in favour of interactive things like ssh. It goes something like this: (Note that I put % values in place of bandwidth figures. This is not legal syntax - it's for explanation purposes. You must do the math on your line!) ------------------- ipfw pipe 1 config bw 100% ipfw pipe 2 config bw 75% ipfw add queue 1 tcp from any 22 to x.x.x.x/24 in via de0 (ssh connections are caught here) ipfw add queue 1 tcp from x.x.x.x/24 to any 22 out via de0 (ssh connections are caught here) ipfw queue 1 config pipe 1 weight 30 mask dst-ip 0x000000ff (ssh connections may use 100% of available bandwidth) ipfw add queue 2 ip from any to x.x.x.x/24 in via de0 (The rest is caught here) ipfw queue 2 config pipe 2 weight 30 mask dst-ip 0x000000ff (ftp, http, etc may only ever hog a max of 75% bandwidth) ------------------- This is a rough example, but it demonstrates the idea. You can fiddle with the rules and pipes to reserve bandwidth for the various protocols. The only down-side, as mentioned before, is that you will effectively reduce your FTP bandwidth to 75% of your line, even when no-one needs the other 25% for anything! I have found this scheme useful in keeping SMTP and POP below the radar too. Previously we often had problems with line saturation while large mails were sent/received, but now these transmissions trickle in/out at 25% of total bandwidth, and no-one notices the impact of interactive performance at all. I have added cron entries which adjust the pipe configs so that during the day we preserve more bandwidth for ssh, but at night when downloads are scheduled to run we give the ftp pipe more bandwidth. Hope this is useful. Patrick. > -----Original Message----- > From: owner-freebsd-questions@FreeBSD.ORG > [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Kenneth Wayne > Culver > Sent: 16 October 2001 02:15 > To: freebsd-questions@FreeBSD.ORG > Subject: dummynet configured. > > > alright, I've got dummynet configured and it seems to give each user > his/her fair share of bandwidth on my limited ADSL connection, but now > I've got one more problem. I would like to also give certain interactive > services a dedicated amount of bandwidth when it's needed. Things like dns > and ssh are still jumpy at best (however if multiple downloads to > different machines are running, they work great). Can anyone help me out > here? > > here are my current dummynet settings (which seem to be working fine with > ipfilter and ipnat running as my firewall and nat, all actual ip's are > represented by x.x.x.x) > > ipfw add queue 1 ip from any to x.x.x.x/24 in via de0 > ipfw pipe 1 config bw 608Kbit/s > ipfw queue 1 config pipe 1 weight 30 mask dst-ip 0x000000ff > > Thanks. > > Ken > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message