Date: Wed, 2 Apr 2008 14:48:07 -0800 From: "Ted Mittelstaedt" <tedm@toybox.placo.com> To: <freebsd@top-consulting.net>, <freebsd-questions@freebsd.org> Subject: RE: FreeBSD Traffic Shaping Message-ID: <BMEDLGAENEKCJFGODFOCAEJBCFAA.tedm@toybox.placo.com> In-Reply-To: <20080402083804.42843bk8hlfa07y8@mail.top-consulting.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> -----Original Message----- > From: owner-freebsd-questions@freebsd.org > [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of > freebsd@top-consulting.net > Sent: Wednesday, April 02, 2008 4:38 AM > To: freebsd-questions@freebsd.org > Subject: RE: FreeBSD Traffic Shaping > > > I can now confirm that these two commands do exactly what I mentioned > originally. > > All outbound connections towards any host port 80 will have a maximum > bandwidth of 100Kbit/s individually ( output ) > > ipfw pipe 2 config mask all bw 100Kbit/s > ipfw add 10 pipe 2 tcp from localip to any 80 > > Problem solved :) > Are you sure about this? If your serving webpages, your listening on port 80 The tcp initiator uses a source port randomly chosen above 80 and a destination port on your host of 80 Your host responds with traffic with a source port of 80 and a destination port of the initiator's choosing. You don't want to limit destination port 80 traffic since your not sending it. I would suggest after deployment that you carefully look at your access lists and keep an eye on your utilization graphs to make sure it's doing what you think it's supposed to be doing. Ted
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BMEDLGAENEKCJFGODFOCAEJBCFAA.tedm>