Date: Thu, 12 Feb 2009 06:31:41 -0600 From: eculp <eculp@encontacto.net> To: Tom Uffner <tom@uffner.com> Cc: freebsd-pf@freebsd.org Subject: Re: PF + ALTQ - Bandwidth per customer Message-ID: <20090212063141.11024jm7bsi7shio@econet.encontacto.net> In-Reply-To: <4993EB42.2020503@uffner.com> References: <76463C1E8CB14B958088F7E54C611560@ashevchenko> <493634DA.7000408@infoweapons.com> <20081203071940.324735uokbfgyh6o@econet.encontacto.net> <4993EB42.2020503@uffner.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Quoting Tom Uffner <tom@uffner.com>: > eculp wrote: > >> I don't remember why but for some reason I have the idea that =20 >> pf+altq is not bidirectional. Am I mistaken? > > no solution that does not involve cooperation from your upstream > connection(s) is truly bidirectional. it is easy to limit/shape > your outbound traffic. on the other hand it is difficult if not > impossible to unilaterally control the amount or sources of inbound > data arriving at your border router(s) on it's way to various > applications (mail servers, for example). > > you can _pretend_ to by dropping, queuing or otherwise limiting it > once inside your network, but you cannot meaningfully prevent it from > using your downlink bandwidth and potentially crowding out other, > possibly more desirable, inbound data. > Hi, Tom. Thanks for responding. As I read your answer and my question. I'm =20 pretty sure that I probably didn't ask the question properly. What I =20 need to do is be intermediary between my upstream ISP's and my =20 customers and would like to control the bandwidth hogs. Basically, I want certain outgoing traffic based on port to go to ISP1 =20 and all other, not blocked, ports to go to the other while limiting =20 the available internal bandwidth to each downstream client say to 64k =20 if and if borrowing is possible when traffic is low, great. I did =20 something like this with IPFW and dummynet maybe 6 or more years ago =20 and as I remember, worked and solved an immediate problem of =20 downstream demand not being distributed adequately or equitably. The =20 major differences were connection speed and there was only one isp. I've looked at: http://www.openbsd.org/faq/pf/pools.html It ether doesn't do what I want or I don't understand how to make it =20 do what I want. I am considering going back to IPFW and dummynet but =20 now that I'm using PF, I am a bit lazy to try and integrate what I =20 have in pf to IPFW. Thanks for any help, advice, configuration examples, etc. ed
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090212063141.11024jm7bsi7shio>