From owner-freebsd-isp@FreeBSD.ORG Tue Dec 2 09:12:33 2008 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B3581106564A; Tue, 2 Dec 2008 09:12:33 +0000 (UTC) (envelope-from antik@bsd.ee) Received: from sorbesgroup.com (mail.sorbesgroup.com [217.159.241.118]) by mx1.freebsd.org (Postfix) with ESMTP id 75B028FC0C; Tue, 2 Dec 2008 09:12:33 +0000 (UTC) (envelope-from antik@bsd.ee) Received: from localhost (localhost.localdomain [127.0.0.1]) by sorbesgroup.com (Postfix) with ESMTP id 07A1F3C506CC; Tue, 2 Dec 2008 10:42:06 +0200 (EET) Received: from sorbesgroup.com ([127.0.0.1]) by localhost (sorbesgroup.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 01540-02; Tue, 2 Dec 2008 10:42:04 +0200 (EET) Received: from [192.168.0.80] (andrei [192.168.0.80]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by sorbesgroup.com (Postfix) with ESMTP id BE7783C5038C; Tue, 2 Dec 2008 10:42:03 +0200 (EET) Message-ID: <4934F4F3.1030808@bsd.ee> Date: Tue, 02 Dec 2008 10:42:27 +0200 From: Andrei Kolu User-Agent: Thunderbird 2.0.0.18 (Windows/20081105) MIME-Version: 1.0 To: Peter Jeremy , freebsd-pf@freebsd.org, freebsd-isp@freebsd.org References: <20081124180411.0b065be5@wolwerine> <705757.42117.qm@web38504.mail.mud.yahoo.com> <11167f520812011508u46b04e7dmb1d5d22675dc778d@mail.gmail.com> <20081202075634.GT51761@server.vk2pj.dyndns.org> In-Reply-To: <20081202075634.GT51761@server.vk2pj.dyndns.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: amavisd-new at localhost Cc: Subject: Re: PF + ALTQ - Bandwidth per customer X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Dec 2008 09:12:33 -0000 Peter Jeremy wrote: > On 2008-Dec-01 17:08:40 -0600, "Sam Fourman Jr." wrote: > >> So I would like to hear some ideas on how we could use FreeBSD or any other BSD >> to limit bandwidth per customer( say one customer (with root access) >> per server ) >> > > That description sounds like it simplifies to "limit bandwidth based on > IP address" - which is fairly trivial for ipfw+dummynet or pf+altq. > > ipfw+dummynet is really ugly traffic "shaper" (let's face it there is no shaping going on), because instead of limiting bandwidth it will drop packets to simulate bad connection. I hear many years about "trivial" configuration per user bandwidth limit with pf+altq but never saw ANY code... You can't set bandwidth limit with PF like 3Mbit per 100 clients if your lan card is 100Mbit. This is just lame- in reality clients never use all bandwidth and never all clients are connected all the time. Even Linux ipfilter does it for years with insane cryptic commandline but it just works. > ipfw+dummynet can also filter on uid/gid but I believe there are some > race conditions in that code > >