Date: Tue, 04 Sep 2007 01:11:06 +0700 From: "Vadim Goncharov" <vadimnuclight@tpu.ru> To: "Russell Fulton" <r.fulton@auckland.ac.nz>, freebsd-ipfw@freebsd.org Subject: Re: beginners questions Message-ID: <optx3bgsbw4fjv08@nuclight.avtf.net> In-Reply-To: <46D76443.80407@auckland.ac.nz> References: <46D76443.80407@auckland.ac.nz>
next in thread | previous in thread | raw e-mail | index | archive | help
31.08.07 @ 07:43 Russell Fulton wrote: > Before you ask, yes I've RTFM ;) which was very imformative and there > are still some things that I have missed. > > 1/ Is there a way of reloading rules while maintaining the state table > or is this the default? (put another way does flush affect dynamic > rules). Yes, it flushes dynamic rules because they depend on their parents, which are flushed too. > 2/ we are using state and also shaping traffic via pipes. What > interaction, if any is there between pipes and state? i.e. if a packet > gets sent to a pipe will other traffic that is matched by the dynamic > rule also get sent to the pipe? Yes, it should. > 3/ are pipes bidirectional? I.e. do I need to say > > add 02421 pipe 6 all from 130.216.95.0/24 to any > add 02422 pipe 7 all from any to 130.216.95.0/24 Umm... that depends on what you really want. Pipe is unidirectional in sense that you always send packets into one end, and they'll get out from the other end. So speed is depends on where that ends are connected to. So if you are configuring pipe to, e.g., 1 Mbit, and say "pipe 1 all from A to B" and "pipe 1 all from B to A", then both upload+download between A and B will be 1 Mbit, SUMMARY. And if you send "A to B" traffic into 512 Kbit pipe and "B to A" traffic into 128 Kbit pipe, than you'll get exactly this speed, in specified directions, respectively. -- WBR, Vadim Goncharov
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?optx3bgsbw4fjv08>