From owner-freebsd-pf@FreeBSD.ORG Tue Dec 2 13:13:47 2008 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DF643106564A for ; Tue, 2 Dec 2008 13:13:47 +0000 (UTC) (envelope-from eculp@encontacto.net) Received: from ns2.bafirst.com (72-12-2-19.static.networktel.net [72.12.2.19]) by mx1.freebsd.org (Postfix) with ESMTP id 89CAE8FC08 for ; Tue, 2 Dec 2008 13:13:47 +0000 (UTC) (envelope-from eculp@encontacto.net) Received: from HOME.encontacto.net ([189.129.8.53]) by ns2.bafirst.com with esmtp; Tue, 02 Dec 2008 07:03:44 -0600 id 000D52E4.49353230.00005F27 Received: from localhost (localhost [127.0.0.1]) (uid 80) by HOME.encontacto.net with local; Tue, 02 Dec 2008 07:03:43 -0600 id 0004AC1A.4935322F.0000B2FC Received: from ed.local.net.mx (ed.local.net.mx [192.168.1.65]) by econet.encontacto.net (Horde Framework) with HTTP; Tue, 02 Dec 2008 07:03:43 -0600 Message-ID: <20081202070343.34221p9405nzs76s@econet.encontacto.net> Date: Tue, 02 Dec 2008 07:03:43 -0600 From: eculp To: freebsd-isp@freebsd.org References: <20081124180411.0b065be5@wolwerine> <705757.42117.qm@web38504.mail.mud.yahoo.com> <11167f520812011508u46b04e7dmb1d5d22675dc778d@mail.gmail.com> <20081202075634.GT51761@server.vk2pj.dyndns.org> <4934F4F3.1030808@bsd.ee> <20081202092204.GU51761@server.vk2pj.dyndns.org> In-Reply-To: <20081202092204.GU51761@server.vk2pj.dyndns.org> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; DelSp="Yes"; format="flowed" Content-Disposition: inline Content-Transfer-Encoding: quoted-printable User-Agent: Internet Messaging Program (IMP) H3 (5.0-cvs) X-Remote-Browser: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.8.1.18) Gecko/20081114 Firefox/2.0.0.18 X-IMP-Server: 189.129.8.53 X-Originating-IP: 192.168.1.65 X-Originating-User: eculp@encontacto.net Cc: freebsd-pf Subject: Re: PF + ALTQ - Bandwidth per customer X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Dec 2008 13:13:48 -0000 Quoting Peter Jeremy : > On 2008-Dec-02 10:42:27 +0200, Andrei Kolu wrote: >>> That description sounds like it simplifies to "limit bandwidth based on >>> IP address" - which is fairly trivial for ipfw+dummynet or pf+altq. >>> >> ipfw+dummynet is really ugly traffic "shaper" (let's face it there is no >> shaping going on), because instead of limiting bandwidth it will drop >> packets to simulate bad connection. > > I've been using ipfw+dummynet for traffic shaping for 7 or 8 years > without problems (and have recently moved to pf+dummynet). I don't > understand your comment about limiting bandwidth: An incoming packet > is put on a queue that is emptied at no more than the (simulated) > available outbound bandwidth. If the queue is full then incoming > packets will be dropped. This is the same behaviour as any other > router (or switch). > > What do you want/expect? > >> I hear many years about "trivial" >> configuration per user bandwidth limit with pf+altq but never saw ANY >> code... > > Note that I never mentioned per-user bandwidth with pf+altq - though > it looks possible. There are some trivial traffic-shaping examples in > pf.conf(5) but I will admit that I've never tried to actually use altq > - I use dummynet because I need functionality that isn't present in > altq. I had forgotten that dummynet can be used with pf. Maybe i should =20 start this with a new subject but it is directly related in that I =20 need bandwidth control again that I don=B4t have since changing to pf. o- What needs to be patched/done to make them work together on Current and Releng? o- Are you happier with the combination of dummynet with pf than with IPFW? DummyNet was one of the reasons that I was slow to leave IPFW. Thanks and I am really not trying to hijack this thread, be glad to =20 start a new one. ed