Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 22 Oct 2001 11:39:11 +0100
From:      "Daniel Fairs" <d.fairs@psychmed.co.uk>
To:        "FreeBSD Questions" <freebsd-questions@FreeBSD.ORG>
Subject:   Dummynet
Message-ID:  <NKEPKAINDOAHFAIDHBHACEPGCHAA.d.fairs@psychmed.co.uk>
next in thread | raw e-mail | index | archive | help 
Hi,

I have a FreeBSD firewall, behind which are private machines, and machines
accessible to the outside world through natd's port forwarding. The public
servers have IP addresses below 192.168.0.33, and the private network has
192.168.0.33 to 192.168.0.254. I would like to limit the bandwidth for
machines on the private machines to 45KByte/s (total, not each). I
understand I can currently do this with a command like

ipfw add pipe 1 from any to 192.168.0.0/27 in
ipfw pipe 1 config bw 45KByte/s

However, one of the servers, 192.168.0.2, runs a squid cache; also, server
192.168.0.4 runs smtp. I would like both of these machines to be included in
pipe1 - outgoing and incoming http, and outgoing smtp. I would like to limit
incoming smtp to that server to 30KByte/s. Finally, we have a web server,
192.168.0.6, which I'd like to limit to 30KByte/s each way. In other words,
I want the following pipes:

Pipe 1: 45KByte/s both ways
Pipe 2: 30KByte/s incoming
Pipe 3: 30KByte/s both ways

I would like to connect everything from 192.168.0.33 to 192.168.0.254, and
192.168.0.4 outgoing dest port 25 to pipe 1. I'd like to connect 192.168.0.4
incoming port 25 to pipe 2. Finally, I'd like to connect 192.168.0.6 to pipe
3.

I've read about queues in the ipfw man page, and read through
http://www.iet.unipi.it/~luigi/ip_dummynet/ but I'm afraid I don't quite see
how do define a pipe without specifying addresses or protocols - I want to
do that in the queue definition.

Any help is gratefully appreciated. If you need any more information, let me
know.

Many thanks,
Dan


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?NKEPKAINDOAHFAIDHBHACEPGCHAA.d.fairs>