From owner-freebsd-questions  Mon Oct 22  3:42:43 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from he002war.uk.vianw.net (he002war.uk.vianw.net [195.102.249.209])
	by hub.freebsd.org (Postfix) with ESMTP id 3686D37B403
	for <freebsd-questions@freebsd.org>; Mon, 22 Oct 2001 03:42:40 -0700 (PDT)
Received: from [213.2.28.70] (helo=STILTON)
	by he002war.uk.vianw.net with smtp (Exim 3.22 #5)
	id 15vcVz-0004X1-00
	for freebsd-questions@FreeBSD.ORG; Mon, 22 Oct 2001 11:41:03 +0100
From: "Daniel Fairs" <d.fairs@psychmed.co.uk>
To: "FreeBSD Questions" <freebsd-questions@FreeBSD.ORG>
Subject: Dummynet
Date: Mon, 22 Oct 2001 11:39:11 +0100
Message-ID: <NKEPKAINDOAHFAIDHBHACEPGCHAA.d.fairs@psychmed.co.uk>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Importance: Normal
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

Hi,

I have a FreeBSD firewall, behind which are private machines, and machines
accessible to the outside world through natd's port forwarding. The public
servers have IP addresses below 192.168.0.33, and the private network has
192.168.0.33 to 192.168.0.254. I would like to limit the bandwidth for
machines on the private machines to 45KByte/s (total, not each). I
understand I can currently do this with a command like

ipfw add pipe 1 from any to 192.168.0.0/27 in
ipfw pipe 1 config bw 45KByte/s

However, one of the servers, 192.168.0.2, runs a squid cache; also, server
192.168.0.4 runs smtp. I would like both of these machines to be included in
pipe1 - outgoing and incoming http, and outgoing smtp. I would like to limit
incoming smtp to that server to 30KByte/s. Finally, we have a web server,
192.168.0.6, which I'd like to limit to 30KByte/s each way. In other words,
I want the following pipes:

Pipe 1: 45KByte/s both ways
Pipe 2: 30KByte/s incoming
Pipe 3: 30KByte/s both ways

I would like to connect everything from 192.168.0.33 to 192.168.0.254, and
192.168.0.4 outgoing dest port 25 to pipe 1. I'd like to connect 192.168.0.4
incoming port 25 to pipe 2. Finally, I'd like to connect 192.168.0.6 to pipe
3.

I've read about queues in the ipfw man page, and read through
http://www.iet.unipi.it/~luigi/ip_dummynet/ but I'm afraid I don't quite see
how do define a pipe without specifying addresses or protocols - I want to
do that in the queue definition.

Any help is gratefully appreciated. If you need any more information, let me
know.

Many thanks,
Dan


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message