From owner-freebsd-net@FreeBSD.ORG Wed Jun 23 07:36:50 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8A2AC16A4CE for ; Wed, 23 Jun 2004 07:36:50 +0000 (GMT) Received: from xorpc.icir.org (xorpc.icir.org [192.150.187.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6B1E743D48 for ; Wed, 23 Jun 2004 07:36:48 +0000 (GMT) (envelope-from rizzo@icir.org) Received: from xorpc.icir.org (localhost [127.0.0.1]) by xorpc.icir.org (8.12.9p1/8.12.8) with ESMTP id i5N7acgd051199; Wed, 23 Jun 2004 00:36:38 -0700 (PDT) (envelope-from rizzo@xorpc.icir.org) Received: (from rizzo@localhost) by xorpc.icir.org (8.12.9p1/8.12.3/Submit) id i5N7aclL051198; Wed, 23 Jun 2004 00:36:38 -0700 (PDT) (envelope-from rizzo) Date: Wed, 23 Jun 2004 00:36:38 -0700 From: Luigi Rizzo To: Paul Querna Message-ID: <20040623003638.A50907@xorpc.icir.org> References: <1087961988.32333.48.camel@localhost> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <1087961988.32333.48.camel@localhost>; from chip@force-elite.com on Tue, Jun 22, 2004 at 08:39:48PM -0700 cc: freebsd-net@freebsd.org Subject: Re: Rate Limiting Per-Socket X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Jun 2004 07:36:50 -0000 On Tue, Jun 22, 2004 at 08:39:48PM -0700, Paul Querna wrote: > Hello, > I am looking at methods to rate limit a single socket to a specific > pipe or rate with FreeBSD. I would like to make an Apache module that > could do its outgoing rate limit *in* kernel, making the module very > simple, and more accurate by using the kernel todo the rate limiting. > > I have been looking at Dummynet and pfil_hooks, but these seem to > operate only on an entire interface. I would like to have these operate this is not true -- you can do what you want trivially with dummynet, which lets you limit the bandwidth per-flow by using masks on pipes, and you can aggregate flow as you need using masks appropriately on addresses and ports. Read the ipfw manpage. What you might not like is that you need root privs to configure ipfw/dummynet, but that's another story... cheers luigi > only on a socket fd that I designate. Ie a special setsockopt() would > put socket x into pipe a. This pipe 'a' was setup ahead of time to only > allow 512 kb/s. > > Is this possible with FreeBSD? Do you have any suggestions on the best > way to proceed? > > Thank you, > -Paul Querna > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"