From owner-freebsd-isp@FreeBSD.ORG Thu Aug 31 14:13:05 2006 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6DD6816A4DD for ; Thu, 31 Aug 2006 14:13:05 +0000 (UTC) (envelope-from fofo@bsdmail.org) Received: from webmail-outgoing.us4.outblaze.com (webmail-outgoing.us4.outblaze.com [205.158.62.67]) by mx1.FreeBSD.org (Postfix) with ESMTP id 25FCB43D45 for ; Thu, 31 Aug 2006 14:13:03 +0000 (GMT) (envelope-from fofo@bsdmail.org) Received: from unknown (unknown [192.168.8.90]) by webmail-outgoing.us4.outblaze.com (Postfix) with QMQP id 215741800E0D for ; Thu, 31 Aug 2006 14:13:59 +0000 (GMT) X-OB-Received: from unknown (205.158.62.16) by wfilter2.us4.outblaze.com; 31 Aug 2006 14:13:49 -0000 Received: by ws5-10.us4.outblaze.com (Postfix, from userid 1001) id 6534A7AE1C; Thu, 31 Aug 2006 14:13:50 +0000 (GMT) Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="iso-8859-1" MIME-Version: 1.0 From: "tux tuxie" To: freebsd-isp@freebsd.org Date: Thu, 31 Aug 2006 22:13:50 +0800 Received: from [200.216.238.226] by ws5-10.us4.outblaze.com with http for fofo@bsdmail.org; Thu, 31 Aug 2006 22:13:50 +0800 X-Originating-Ip: 200.216.238.226 X-Originating-Server: ws5-10.us4.outblaze.com Message-Id: <20060831141350.6534A7AE1C@ws5-10.us4.outblaze.com> Subject: Limiting bandwidth by ip or group of IPs using ipfw and dummynet (I'm ok to change if required....) X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 31 Aug 2006 14:13:05 -0000 Hi everyone :) We are starting a very small ISP for a city here that has no DSL. We bring internet from an other big city at 120Kms away.. I try to have a bandwidth limit _by_ IP or by group of IPs but so far, I have been very unlucky in the bandwidth limitation. I use ipfw/dummynet (Not used to it, I come from linux.) I want different bandwidth for outgoing and incoming traffic My config is pretty simple: The internet connection, The FreeBSd server acting as NAT A switch with customers connection In the config files I show up, I have a computer acting as "customer comput= er" that should be limited in bandwidth beeing 172.16.50.2. the server has two NICs on internet side and one customer's side. respectively for the test, 192.168.47.7 (internet side) dc0 172.16.50.1 (customers side) dc1 I enabled successfully the NAT functionnality but can't manage the bandwidt= h limitation. as for now, I don't have yet the T1 that will connect me, so my current con= nection is at 15Kb/s which explains I try to limit the bandwidth to 3Kb/s to make sure ev= erything works=20 properly. Here is my ifpw config: ipfw -f flush # for some reason, this blocks the connection #ipfw add divert natd all from 172.16.50.0/24 to any via dc0 ipfw add divert natd ip from any to any via dc0 ipfw add allow ip from any to any via lo0 ipfw add deny ip from any to 127.0.0.0/8 ipfw add deny ip from 127.0.0.0/8 to any #ipfw add allow ip from any to any ipfw pipe 1 config bw 3Kbit/s ipfw add pipe 1 all from 172.16.50.2 to any I test the bandwidth limitation with wget on an http ressource. Thanks for any help you could provide, I really need this. --=20 __________________________________________________ Now you can search for products and services http://search.mail.com