From owner-freebsd-questions Wed Feb 27 2:47:24 2002 Delivered-To: freebsd-questions@freebsd.org Received: from ns2.wananchi.com (ns2.wananchi.com [62.8.64.4]) by hub.freebsd.org (Postfix) with ESMTP id 0980337B400 for ; Wed, 27 Feb 2002 02:47:13 -0800 (PST) Received: from wash by ns2.wananchi.com with local (Exim 3.35 #1 (FreeBSD)) id 16g1cp-000DvL-00 for ; Wed, 27 Feb 2002 13:47:55 +0300 Date: Wed, 27 Feb 2002 13:47:55 +0300 From: Odhiambo Washington To: FBSD-Q Subject: IPFW/Dummynet - Internet Access Message-ID: <20020227104755.GC23054@ns2.wananchi.com> Mail-Followup-To: Odhiambo Washington , FBSD-Q Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.3.25i X-Fortune: Everyone talks about apathy, but no one ____does anything about it. X-Operating-System: FreeBSD 4.5-STABLE i386 X-Best-Window-Manager: XFCE X-Designation: Systems Administrator, Wananchi Online Ltd. X-Location: Nairobi, KE, East Africa. X-Uptime: 1:18PM up 19 days, 18:05, 2 users, load averages: 1.08, 1.15, 1.16 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hello Networking gurus! I'd like to give Internet access to some residents of a building BUT I want to have every user on their own private network (diff IP, no broadcast traffic to the other) and also do bandwidth limiting. Now I know that this is one of those topics discussed on the lists quite often. I've seached the archives and found some pretty nice material but there is one thing that is not clear to me and I thought I could pick the brain of the gurus in this list. It looks like below: 192.168.50.0/24 -------- | Client1| \ -------- \ \ VLAN Capable switch \ \ ++++ \ | S | --- -------- \| W | | R | DSL Modem | Client2|--------| I | | O | ++++ -------- /| T | | U |- - ->| D | 192.168.11.0/24 / | C | | T | oif | S | ---------->>> Internet / | H | iif | E | | L | / | |- - ->| R | | | / ++++ | | ++++ --------- / --- | Client 3| FreeBSD 4.x (IPFW/DUMMYNET) -------- 10.1.2.0/24 This should take care of at least 10 - 20 clients, each allocated an IP in the private range as shown. QUESTION 1: Is it possible that I can configure each port on switch as a unique vlan, have the port that your FreeBSD box connects to pass all vlans, and then setup 3 VLAN interfaces on the FreeBSD box, one for each VLAN/client? My problem is that I don't want the clients/vlans to see one another. I am being told that this is not the way vlans work, that vlans will require multiple switches, yes??? QUESTION 2: I've already run IPFW on a FreeBSD box and while I am new to ipfw, I see it's already running fine, bar for the tuning that it will require to achieve the goal. If I want to do bandwidth limiting using dummynet, using the instructions at www.mostgraveconcern.com/freebsd/ , at what point in rc.ipfw do I introduce the dummynet rules, at the end??? QUESTION 3: I also want to control bandwidth for every client. Client 1 needs on 32K bandwidth while Client 2 needs 64K. The total bandwidth available on the ooif of the FreeBSD box is 256K (DSL). ipfw/dummynet will allow me to do this??? mtia -Wash -- Odhiambo Washington "The box said 'Requires Wananchi Online Ltd. www.wananchi.com Windows 95, NT, or better,' Tel: 254 2 313985-9 Fax: 254 2 313922 so I installed FreeBSD." GSM: 254 72 743 223 GSM: 254 733 744 121 This sig is McQ! :-) ++ Those who can't write, write manuals. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message