Date: Fri, 20 Jun 2003 13:41:21 -0400 From: Don Bowman <don@sandvine.com> To: "'freebsd-net@freebsd.org'" <freebsd-net@freebsd.org> Subject: nested ipfw dummynet pipes Message-ID: <FE045D4D9F7AED4CBFF1B3B813C8533702741AF5@mail.sandvine.com>
next in thread | raw e-mail | index | archive | help
is there any way, in a bridging config, to have nested pipes? In particular, what i would like to achieve is a rule that allows e.g. 64kbps per host (src-mask 0xffffffff), but that all these hosts are in an overall 10Mbps pipe. The idea will be that @ some times of the day the pipe is less than full, so everyone gets 64kbps, but @ other times of the day the pipe is full, and I don't want more than 10Mbps flowing. net.inet.ip.fw.one_pass looks to do what i want but: "Note: bridged and layer 2 packets coming out of a pipe are never reinjected in the firewall irrespective of the value of this variable." suggests this is not the case. Is there some technique using e.g. netgraph? Or can someone suggest why the note is there and if it might be easily removed? e.g. what i have is a system with em0 <--> em1 net.link.ether.bridge_cfg="em0 em1" net.link.ether.bridge=1 net.link.ether.bridge_ipfw=1 net.inet.ip.fw.one_pass=1 --don
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?FE045D4D9F7AED4CBFF1B3B813C8533702741AF5>