Date: Sun, 14 Apr 2002 22:11:05 -0700 From: Luigi Rizzo <rizzo@icir.org> To: Mihail Balikov <misho@interbgc.com> Cc: freebsd-ipfw@FreeBSD.ORG Subject: Re: dummynet and ip.fw.one_pass Message-ID: <20020414221105.B21946@iguana.icir.org> In-Reply-To: <003401c1e419$70e73340$eee209d9@interbgc.com> References: <003401c1e419$70e73340$eee209d9@interbgc.com>
next in thread | previous in thread | raw e-mail | index | archive | help
the code seems correct, but I would do the shaping in the opposite order so that a single host won't be able to monopolise the 1Mbit that you allow for the network. Secondly, this seems to be a good use for fair queueing, where you want equal sharing of the 1Mbit/s bandwidth: ipfw pipe 1 config bw 1Mbit/s ipfw queue 2 config pipe 1 weight 1 mask dst-ip 0x000000ff ipfw add queue 2 ip from any to 1.2.3.0/24 (you do not need fw_one_pass=0 in this case) cheers luigi On Mon, Apr 15, 2002 at 04:04:06AM +0300, Mihail Balikov wrote: > Hi, > > is it correct to use such configuration : > > sysctl -w net.inet.ip.fw.one_pass=0 > > # process only outgoing packets > ipfw add 10 allow all from any to any in > # shape whole network to 1Mb/s > ipfw add 15 pipe 15 all from any to 1.2.3.0/24 > ipfw pipe 15 config bw 1Mbit/s > # shape every host to 64Kb/s > ipfw add 20 pipe 20 all from any to 1.2.3.0/24 > ipfw pipe 20 config mask dst-ip 0x000000ff bw 64Kbit/s > # transmit packet > ipfw add 30 allow all from any to any > > regards, > Mihail > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-ipfw" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020414221105.B21946>