From owner-freebsd-questions@FreeBSD.ORG Sat Apr 16 01:14:25 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 83DC516A4CE for ; Sat, 16 Apr 2005 01:14:25 +0000 (GMT) Received: from ms05.mailstreet2003.net (MS05.mailstreet2003.net [63.251.155.133]) by mx1.FreeBSD.org (Postfix) with ESMTP id D923A43D53 for ; Sat, 16 Apr 2005 01:14:24 +0000 (GMT) (envelope-from chris@sigd.net) Received: from 68.51.45.71 ([68.51.45.71]) by ms05.mailstreet2003.net ([10.0.25.5]) via Exchange Front-End Server owa.mailstreet2003.net ([10.0.25.4]) with Microsoft Exchange Server HTTP-DAV ; Sat, 16 Apr 2005 01:15:05 +0000 Received: from home.sigd.net by owa.mailstreet2003.net; 15 Apr 2005 20:14:06 -0500 From: Chris Haulmark To: Timothy Radigan In-Reply-To: <20050414135309.B01C543D3F@mx1.FreeBSD.org> References: <20050414135309.B01C543D3F@mx1.FreeBSD.org> Content-Type: text/plain Content-Transfer-Encoding: 7bit Date: Fri, 15 Apr 2005 20:14:06 -0500 Message-Id: <1113614046.91414.4.camel@localhost> Mime-Version: 1.0 X-Mailer: Evolution 2.2.1.1 FreeBSD GNOME Team Port cc: freebsd-questions@freebsd.org Subject: Re: Traffic Shapping (IPFW + DUMMYNET) Question X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: chris@sigd.net List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 16 Apr 2005 01:14:25 -0000 On Thu, 2005-04-14 at 09:53 -0400, Timothy Radigan wrote: > Hi all, > > I'm new to the entire idea of traffic shaping and I came up with some rules > for my BSD firewall/router/VoIP gateway and I just wanted to make sure that > what I am trying to accomplish is actually going to happen with these rules > in place. Currently, my broadband connection is a 4Mb down and 384Mb up > pipe. My VoIP service requires 90Kb up and down. I have 3 separate > internal networks at my house. I have my wired 100Mb switched LAN > (192.168.15.0/24), I have my IPSec enabled Wireless LAN (192.168.20.0/24), > and I have my VoIP LAN (192.168.10.0/30). What I want to do with these > traffic shaping rules, is dedicate 100Kb up and down to the VoIP LAN, and > then I want to have equally shared bandwidth (the remaining speeds of my > broadband connection) for the wired and wireless LANs. Here are the rules I > have come up with so far: Can you post your ifconfig output of your BSD box? How about the output of this: sysctl -a | grep net.inet.ip.fw.one_pass Chris > > <----------------------- (START) /etc/ipfw.rules ------------------------> > > # flush all rules > ipfw -f flush > > # configure the pipe main pipes - have 4000kbits/s down 384kbits/s up > > # define 200kbits/s for the voip pipes > ipfw pipe 1 config bw 100Kbits/s > ipfw pipe 2 config bw 100Kbits/s > > # wired / wifi lans - get all but 100kbits/s for both up and down > ipfw pipe 3 config bw 3900Kbits/s > ipfw pipe 4 config bw 284Kbits/s > > # wired/wifi LAN internal transmission > ipfw pipe 5 config bw 100Mbits/s mask dst-ip 0xffffffff > ipfw pipe 6 config bw 100Mbits/s mask dst-ip 0xffffffff > ipfw pipe 7 config bw 100Mbits/s mask dst-ip 0xffffffff > ipfw pipe 8 config bw 100Mbits/s mask dst-ip 0xffffffff > > # make sure the voip gets all of the bandwidth for the pipes > ipfw add 1 pipe 1 ip from 192.168.10.2 to any > ipfw add 1 pipe 2 ip from any to 192.168.10.2 > > # make sure the wired and wifi lans get all of the bandwidth for those pipes > ipfw add 2 pipe 5 ip from 192.168.15.0/24 to 192.168.0.0/16 > ipfw add 2 pipe 6 ip from 192.168.0.0/16 to 192.168.15.0/24 > ipfw add 3 pipe 7 ip from 192.168.20.0/24 to 192.168.0.0/16 > ipfw add 3 pipe 8 ip from 192.168.0.0/16 to 192.168.20.0/24 > > # the wired / wifi lans will split the up and down pipes > ipfw queue 3 config weight 50 pipe 3 mask dst-ip 0x000000ff > ipfw queue 4 config weight 50 pipe 3 mask dst-ip 0x000000ff > ipfw queue 5 config weight 50 pipe 4 mask dst-ip 0x000000ff > ipfw queue 6 config weight 50 pipe 4 mask dst-ip 0x000000ff > > # add inbound/outbound queues for the wired lan > ipfw add 100 queue 3 ip from any to 192.168.15.0/24 > ipfw add 105 queue 5 ip from 192.168.15.0/24 to any > > # add inbound/outbound queues for the wifi lan > ipfw add 200 queue 4 ip from any to 192.168.20.0/24 > ipfw add 205 queue 6 ip from 192.168.20.0/24 to any > > <------------------------ (END) /etc/ipfw.rules -------------------------> > > Does this seem like it will perform as I am thinking it will? > > Thanks > --Tim > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"