From owner-freebsd-questions@FreeBSD.ORG Fri Nov 28 15:12:16 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E72CA16A4CE for ; Fri, 28 Nov 2003 15:12:16 -0800 (PST) Received: from smtp09.wxs.nl (smtp09.wxs.nl [195.121.6.38]) by mx1.FreeBSD.org (Postfix) with ESMTP id D8A6043FE9 for ; Fri, 28 Nov 2003 15:12:00 -0800 (PST) (envelope-from akruijff@www.kruijff.org) Received: from kruij557.speed.planet.nl (ipd50a97ba.speed.planet.nl [213.10.151.186]) by smtp09.wxs.nl (iPlanet Messaging Server 5.2 HotFix 1.14 (built Mar 18 2003)) with ESMTP id <0HP300NUY4CA08@smtp09.wxs.nl> for freebsd-questions@freebsd.org; Sat, 29 Nov 2003 00:09:47 +0100 (MET) Received: from Alex.lan (localhost [127.0.0.1]) by kruij557.speed.planet.nl (8.12.9p2/8.12.9) with ESMTP id hASNC4cP004258; Sat, 29 Nov 2003 00:12:04 +0100 (CET envelope-from akruijff@Alex.lan) Received: (from akruijff@localhost) by Alex.lan (8.12.9p2/8.12.9/Submit) id hASNC1Z9004257; Sat, 29 Nov 2003 00:12:01 +0100 (CET envelope-from akruijff) Date: Sat, 29 Nov 2003 00:12:01 +0100 From: Alex de Kruijff In-reply-to: <200311271949.07701.timothy@voidnet.com> To: Eric Timme Message-id: <20031128231200.GD815@dds.nl> MIME-version: 1.0 Content-type: text/plain; charset=us-ascii Content-transfer-encoding: 7BIT Content-disposition: inline User-Agent: Mutt/1.4.1i References: <200311271949.07701.timothy@voidnet.com> cc: freebsd-questions@freebsd.org Subject: Re: Kazaa/p2p on a LAN and ping problems X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Nov 2003 23:12:17 -0000 On Thu, Nov 27, 2003 at 07:49:07PM -0600, Eric Timme wrote: > Network topology: > > LAN <==> FreeBSD Gateway <==> Internet > > Gateway specifications: > FreeBSD overlord 4.8-STABLE FreeBSD 4.8-STABLE #0: Mon Sep 22 07:05:09 CDT > 2003 > k6-233, 128MB ram > ipf packet filtering in place > > Internet (cable): > 256kb up > 2.0mbish down > > ====== > > It seems an impossible task to limit Kazaa and other p2p (Kazaa especially) > from accessing the Internet from a LAN, especially when you're sharing the > LAN with other college age people. So, I've instead told them to limit their > upstream to 5kB, which leaves a good amount of of the upstream pipe for web > browsing. > > However, whenever any p2p in the house is active pings on any external network > degrade horribly, even if it's only a single host, and 20kb of my upstream > bandwith remains. > > Wolfenstein servers that I pinged 30 on with no p2p activity on the LAN, for > instance, begin to ping at 400-500 ; the situation is equally bad with MUDs > and other ping reliant games such as Quake. > > Is this normal? Is there anything I can do to fix the problem so that ping > dependant games can be played while p2p apps are active on the LAN? Kicking > the network cable out works late at night, and at times during the day, but > it isn't a permanent solution. Limiting p2p from the LAN completely is not > possible from my position. > > A user on IRC mentioned he had no such problem with IPFW - if my problem isn't > specific does that mean that my use of ipf is responsible for this behavior? You could check if you router slots are free. They proberbly are. You could enfore a bandwith policy on you users. You could have a static bandwith limitation with ipfw meaning that they can only have 25% or a dynamic one maning they have 100% unleass they use it heavly 25%. (meaning lag when someone just starts using p2p). I have written some article about this on my website. I integrated the ipfw firewall options. -- Alex Articles based on solutions that I use: http://www.kruijff.org/alex/index.php?dir=docs/FreeBSD/