From owner-freebsd-pf@FreeBSD.ORG Fri May 18 09:25:07 2007 Return-Path: X-Original-To: freebsd-pf@freebsd.org Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 3C0A216A400 for ; Fri, 18 May 2007 09:25:07 +0000 (UTC) (envelope-from volker@vwsoft.com) Received: from frontmail.ipactive.de (frontmail.maindns.de [85.214.95.103]) by mx1.freebsd.org (Postfix) with ESMTP id F382F13C45E for ; Fri, 18 May 2007 09:25:06 +0000 (UTC) (envelope-from volker@vwsoft.com) Received: from mail.vtec.ipme.de (Q7d72.q.ppp-pool.de [89.53.125.114]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by frontmail.ipactive.de (Postfix) with ESMTP id 4F0A312883F for ; Fri, 18 May 2007 11:24:59 +0200 (CEST) Received: from cesar.sz.vwsoft.com (cesar.sz.vwsoft.com [192.168.16.3]) by mail.vtec.ipme.de (Postfix) with ESMTP id 19EEB3F4E8; Fri, 18 May 2007 11:24:34 +0200 (CEST) Message-ID: <464D70D0.3000608@vwsoft.com> Date: Fri, 18 May 2007 11:24:32 +0200 From: Volker User-Agent: Thunderbird 2.0.0.0 (X11/20070420) MIME-Version: 1.0 To: Umar References: <10678120.post@talk.nabble.com> In-Reply-To: <10678120.post@talk.nabble.com> X-Enigmail-Version: 0.95.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-VWSoft-MailScanner: Found to be clean X-MailScanner-From: volker@vwsoft.com X-ipactive-MailScanner-Information: Please contact the ISP for more information X-ipactive-MailScanner: Found to be clean X-ipactive-MailScanner-From: volker@vwsoft.com Cc: freebsd-pf@freebsd.org Subject: Re: bandwidth controlling with ALTQ X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 May 2007 09:25:07 -0000 On 05/18/07 10:12, Umar wrote: > Dear Members! > > I am running cable internet and I have 1Mb DSL link now I want to restrict > my user's bandwidth. e.g I want to restrict per IP bandwidth 10KB (donwload > and upload) so please help me how i can mange in PF-ALTQ. > > my pf.conf > > int_inf = emo > ext_inf = fxp0 > > local_net = 192.168.1.0/24 Umar, if you want to limit per IP address, you need to create one queue for every IP address in your internal network. The bandwidth sum of all queues must not exceed the bandwidth of the root queue. If your upstream has a b/w of 256 kBit/s (if it's asymmetric) you can only create 25 queues with 10 kBit/s. You may consider doing it different, as creating one queue for every internal IP address is a nightmare for administration. I'm using hfsc scheduler for the internal network, so every IP should be served fair and a limited cbq queue for them on the external interface and reach good results with that. If b/w is limited as other traffic passes, these stations get their traffic through limited. HTH Volker