From owner-freebsd-questions  Sat Jun 15 10:24:23 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from infinity.aesredfish.net (ns1.aesredfish.net [65.168.0.12])
	by hub.freebsd.org (Postfix) with ESMTP id 2621E37B407
	for <questions@FreeBSD.ORG>; Sat, 15 Jun 2002 10:24:19 -0700 (PDT)
Received: from potentialtech.com (mhope-dhcp-65-168-1-181.dashfast.com [65.168.1.181])
	by infinity.aesredfish.net (8.11.6/8.11.0) with ESMTP id g5FHOGr31962;
	Sat, 15 Jun 2002 13:24:16 -0400
Message-ID: <3D0B79AB.70209@potentialtech.com>
Date: Sat, 15 Jun 2002 13:30:19 -0400
From: Bill Moran <wmoran@potentialtech.com>
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.0rc1) Gecko/20020502
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Ilia Chipitsine <ilia@cgu.chel.su>
Cc: questions@FreeBSD.ORG
Subject: Re: ipfw: DNS priority
References: <Pine.BSF.4.10.10206152310020.762-100000@jane.poka.net>
Content-Type: text/plain; charset=KOI8-R; format=flowed
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

Ilia Chipitsine wrote:
> On Sat, 15 Jun 2002, Bill Moran wrote:
> 
>>Ilia Chipitsine wrote:
>>>how can I implement ipfw rules in order to prioriterize DNS and SSH (both 
>>>incoming and outgoing) over the rest of packets ???
>>>
>>>I mean that DNS and SSH traffic is the most important and I want to tell
>>>it to ipfw :)
>>
>>Read the man page for dummynet.  There's a bit of knowledge required before
>>doing something like this, as you've got to work the dummynet rules into
>>your other firewall rules.
> 
> no, my question has nothing to do with DUMMYNET.

No, you question has everything to do with dummynet.

> I was asking: "how to tell to ipfw that DNS is more IMPORTANT than other
> packets ?".
> 
> I'm not about to shape the rest of packets to 50% of interface
> capacity for all the time being :)

Actually read the man page.
I don't know where you got your ideas about dummynet, but if you read the
man page it will explain how to do what you want.  dummynet does more than
just "shape the rest of the packets to 50% of the interface capacity". You
can assign priorities to packets based on just about any filtering criteria
you can use in ipfw, and dummynet will prioritize their delivery.  When
those types of packets are not occurring, the entire bandwidth is available
to whatever traffic is present.

Unless I'm completely misunderstanding what you mean by "IMPORTANT".  If I
am, please elaborate on what you mean by that.

-- 
Bill Moran
Potential Technologies
http://www.potentialtech.com


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message