From owner-freebsd-net@FreeBSD.ORG  Mon Apr 30 12:17:48 2007
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
X-Original-To: freebsd-net@freebsd.org
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 849A916A400
	for <freebsd-net@freebsd.org>; Mon, 30 Apr 2007 12:17:48 +0000 (UTC)
	(envelope-from rwatson@FreeBSD.org)
Received: from cyrus.watson.org (cyrus.watson.org [209.31.154.42])
	by mx1.freebsd.org (Postfix) with ESMTP id 18E9413C43E
	for <freebsd-net@freebsd.org>; Mon, 30 Apr 2007 12:17:47 +0000 (UTC)
	(envelope-from rwatson@FreeBSD.org)
Received: from fledge.watson.org (fledge.watson.org [209.31.154.41])
	by cyrus.watson.org (Postfix) with ESMTP id 64181475C4;
	Mon, 30 Apr 2007 08:17:46 -0400 (EDT)
Date: Mon, 30 Apr 2007 13:17:46 +0100 (BST)
From: Robert Watson <rwatson@FreeBSD.org>
X-X-Sender: robert@fledge.watson.org
To: Peter Jeremy <peterjeremy@optushome.com.au>
In-Reply-To: <20070430113715.GD838@turion.vk2pj.dyndns.org>
Message-ID: <20070430131317.B9647@fledge.watson.org>
References: <dedb607c0704280508nf2c071dh2f76967999f68696@mail.gmail.com>
	<20070429112838.GH848@turion.vk2pj.dyndns.org>
	<20070430105659.C37507@fledge.watson.org>
	<20070430113715.GD838@turion.vk2pj.dyndns.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: Jack Barnett <jackbarnett@gmail.com>, freebsd-net@freebsd.org
Subject: Re: Firewall
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Apr 2007 12:17:48 -0000


On Mon, 30 Apr 2007, Peter Jeremy wrote:

> On 2007-Apr-30 10:58:18 +0100, Robert Watson <rwatson@freebsd.org> wrote:
>
>> One of the big selling points of IPFW is integration with DUMMYNET, which 
>> offers bandwidth management facilities not present in the other systems.
>
> I thought altq(4) could also do most of what dummynet(4) does but based on a 
> closer look, it seems that it can't do the packet delay stuff, though it 
> seems to have fairly similar bandwidth management facilities.

altq(4) as implemented on FreeBSD operates on outbound network interface 
queues.  This limits its utility significantly:

(1) It does not affect inbound network traffic at all, so for non-routers, you
     can't control the way inbound traffic appears to the stack, only replies.

(2) Most modern network hardware effectively places these queues in hardware,
     especially if not running completely saturated.

Robert N M Watson
Computer Laboratory
University of Cambridge