From owner-freebsd-pf@FreeBSD.ORG Sat Nov 29 14:27:33 2008 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E75641065678 for ; Sat, 29 Nov 2008 14:27:33 +0000 (UTC) (envelope-from david_5073@yahoo.com) Received: from web38504.mail.mud.yahoo.com (web38504.mail.mud.yahoo.com [209.191.125.50]) by mx1.freebsd.org (Postfix) with SMTP id B10EF8FC14 for ; Sat, 29 Nov 2008 14:27:33 +0000 (UTC) (envelope-from david_5073@yahoo.com) Received: (qmail 42129 invoked by uid 60001); 29 Nov 2008 14:00:52 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=X-YMail-OSG:Received:X-Mailer:Date:From:Reply-To:Subject:To:In-Reply-To:MIME-Version:Content-Type:Message-ID; b=Gm/oAqgsTQacz8GT50YUZDHnmk0lNtTjtMBKo0dhFHbTtAzkAiahR3Wxa78Kdo7N2koiTADegF9YZzzEbZOElYYIf2D1+Y0Rfx/cLUEeT+0jcRaSUuV04NAZ0PQSpfKZAmjRIciOZoMnTUnAbIA7KBgRz6lcZubkijuKGlas+z8=; X-YMail-OSG: piCTbqEVM1nVflng.R4TCx0bLxlBLbzx78ehFvRoE2iDifrNBjiIcRRSXTJo2sXgWRoRHBvtazerAu6F4yIPgtw6pJdIFGlAZNFTj4deZZ2bYh8ylkzaahnrEWifM7YfRg_zLCLXjrIiWXnCjqNm2f9i3tN995kM1oFyXzQstj01iNZjC5Ui.iXh5LnokLaaizIMRdG2kNaKxFXXfL68Fb7D6qRIfzWdg4tSDIubN4gThhn_qgP5gMfZ1F60 Received: from [98.242.222.229] by web38504.mail.mud.yahoo.com via HTTP; Sat, 29 Nov 2008 06:00:52 PST X-Mailer: YahooMailWebService/0.7.260.1 Date: Sat, 29 Nov 2008 06:00:52 -0800 (PST) From: David Roseman To: freebsd-pf@freebsd.org, freebsd-isp@freebsd.org, Marcello Barreto In-Reply-To: <20081124180411.0b065be5@wolwerine> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Message-ID: <705757.42117.qm@web38504.mail.mud.yahoo.com> X-Mailman-Approved-At: Sat, 29 Nov 2008 15:11:59 +0000 Cc: Subject: Re: PF + ALTQ - Bandwidth per customer X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: david_5073@yahoo.com List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 Nov 2008 14:27:34 -0000 --- On Mon, 11/24/08, Marcello Barreto wrote: > From: Marcello Barreto > Subject: PF + ALTQ - Bandwidth per customer > To: freebsd-pf@freebsd.org, freebsd-isp@freebsd.org > Date: Monday, November 24, 2008, 4:04 PM > Hello Folks, > I believe you have heard this several times, but I'm > new to FreeBSD and i'm trying to change my bandwidth > control from Linux (iptables + TC + iproute) to Freebsd (PF > + ALTQ). > I read about PF and I was very interested on it, but I > want to limit the bandwidth (Download and Upload) from each > customer behind a router (Obviously, FreeBSD with PF.).. > There are several networks and a lot of customers, and with > my rules, only what I got was each customer sharing the same > queue... > > There are my rules: > altq on $external cbq queue {def_up, def_up300, def_up450, > def_up600, def_up1000} > altq on $internal cbq queue {def_down, def_down300, > def_down450, def_down600, def_down1000} > > queue def_up bandwidth 10% cbq(default) > queue def_down bandwidth 10% cbq(default) > > queue def_up300 bandwidth 128Kb cbq(red) > queue def_up450 bandwidth 200Kb cbq(red) > queue def_up600 bandwidth 300Kb cbq(red) > queue def_up1000 bandwidth 500Kb cbq(red) > > queue def_down300 bandwidth 300Kb cbq(red) > queue def_down450 bandwidth 450Kb cbq(red) > queue def_down600 bandwidth 600Kb cbq(red) > queue def_down1000 bandwidth 1024Kb cbq(red) > > > pass in quick inet proto {tcp, udp} from > to any queue def_down300 > pass out quick inet proto {tcp, udp} from > to any queue def_up300 > You should consider a commercial product rather than relying on old and somewhat unreliable technology. We've been able to squeeze a lot more customers onto our network for a $3500. investment. It paid for itself in 2 months. We have a dual-core 2.33Ghz system passing 95Mb/s with 12000 rules in place and it runs at about 10%. The latest version is truly amazing. http://www.etinc.com Regards, David