From owner-freebsd-questions@FreeBSD.ORG Wed Feb 4 05:54:52 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DDFC516A4CE for ; Wed, 4 Feb 2004 05:54:51 -0800 (PST) Received: from spock.dilkie.com (spock.dilkie.com [206.51.1.40]) by mx1.FreeBSD.org (Postfix) with ESMTP id D8D4243D45 for ; Wed, 4 Feb 2004 05:54:48 -0800 (PST) (envelope-from lee@dilkie.com) Received: from borg (borg.dilkie.com [206.51.1.193]) (authenticated bits=0) by spock.dilkie.com (8.12.10/8.12.10) with ESMTP id i14DsjAu019837 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NO) for ; Wed, 4 Feb 2004 08:54:46 -0500 (EST) (envelope-from lee@dilkie.com) From: "Lee Dilkie" To: Date: Wed, 4 Feb 2004 08:54:43 -0500 Message-ID: <006001c3eb26$7259d3c0$c10133ce@dilkie.com> X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook CWS, Build 9.0.6604 (9.0.2911.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 X-Scanned-By: MIMEDefang 2.39 Subject: FW: [5.2.1-RC, IPFW] Traffic Shaping X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Feb 2004 13:54:52 -0000 oops, sent to wrong list.... -----Original Message----- From: Lee Dilkie [mailto:lee@dilkie.com] Sent: Wednesday, February 04, 2004 8:00 AM To: 'Bjorn Eikeland'; 'Jaco van Tonder'; 'owner-freebsd-questions@freebsd.org' Subject: RE: [5.2.1-RC, IPFW] Traffic Shaping > > There isnt much you can really do as to shape incomming > traffic, however > you can limit how fast you accept the incomming data. (At > least this is > what im used to from my little experience with linux.) > > I tried* the following rule, and in theroy it sounds up to the job: > ipfw add pipe 1 tcp from not me to me smtp > > *)when I say tried I really mean ipfw didnt complain, but no traffic > actually saw it. > > Obviously you can replace 'me' with your actual ip and 'smtp' > with 25, but > I find its easier to read english. > > Feel free to try that though :) I'm running IPFW on 4.9 and inbound traffic shaping does work, I've verified that. my rule section... ipfw -f pipe flush # do pipes first or later rules will tigger and pipes won't be used # newfiechick in/out ipfw pipe 1 config bw 100Kbit/s ipfw pipe 2 config bw 60Kbit/s # sendmail limits in/out ipfw pipe 3 config bw 80Kbit/s ipfw pipe 4 config bw 80Kbit/s # testing #ipfw pipe 5 config bw 80Kbit/s #ipfw pipe 6 config bw 80Kbit/s # bandwidth throttling #ipfw add pipe 1 ip from any to newfiechick in #ipfw add pipe 2 ip from newfiechick to any out ipfw add pipe 3 tcp from any to spock smtp in ipfw add pipe 3 tcp from any to spock pop3 in ipfw add pipe 4 tcp from spock to any smtp out ipfw add pipe 4 tcp from spock pop3 to any out #ipfw add pipe 5 udp from any to 206.51.1.220 in #ipfw add pipe 6 udp from 206.51.1.220 to any out These come before any deny/allow rules. The commented out testing rule was to an internet phone and i was able to turn down the b/w and affect the voice quality in either direction so I'm confident that this works. -lee > > > Hi all, > > > > I am using FreeBSD 5.2.1-RC + IPFW2 + DUMMYNET to do > traffic shaping. > > This works well for my setup. > > I have the following configuration: > > The machine has 2 NIC's, xl0, dc0. The kernel is configured to do > > bridging. The bridged > > packets is passed to IPFW (net.link.ether.bridge.ipfw=1). > > > > I shape traffic this way: > > The bridge is setup between a router and an internal mail server. > > I am limiting bandwith using the following rules: > > pipe 1 config bw 16KBytes/s > > pipe 2 config bw 12KBytes/s > > > > and then: > > > > add pipe 1 tcp from any to any 25 (limit incoming traffic > towards smtp) > > add pipe 2 tcp from any 110 to any (limit outgoing traffic > from pop3) > > > > Yesterday, while browsing through Absolute BSD by Michael > Lucas I read > > an interesting part: > > You cannot shape incoming traffic the way that I do at the moment. > > > > Now, my question: > > How can I limit the incoming traffic towards my smtp server > properly? > > > > Any advice would be apreciated. > > > > Thank you, > > Regards > > Jaco van Tonder > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" >