From owner-freebsd-ipfw@FreeBSD.ORG Thu Oct 23 11:45:50 2003 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9F11416A4B3 for ; Thu, 23 Oct 2003 11:45:50 -0700 (PDT) Received: from marlborough.cnchost.com (marlborough.concentric.net [207.155.248.14]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0F07143FBF for ; Thu, 23 Oct 2003 11:45:50 -0700 (PDT) (envelope-from sahafeez@edgefocus.com) Received: from edgefocus.com ([12.106.69.222]) by marlborough.cnchost.com id OAA27887; Thu, 23 Oct 2003 14:45:49 -0400 (EDT) [ConcentricHost SMTP Relay 1.15] Errors-To: Date: Thu, 23 Oct 2003 11:45:58 -0700 Mime-Version: 1.0 (Apple Message framework v552) Content-Type: text/plain; charset=US-ASCII; format=flowed From: Sean Hafeez To: freebsd-ipfw@freebsd.org Content-Transfer-Encoding: 7bit Message-Id: <2417D2D4-0589-11D8-BDAD-003065F1EE08@edgefocus.com> X-Mailer: Apple Mail (2.552) Subject: Shaping a lot of users... X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Oct 2003 18:45:50 -0000 I am using the following: ipfw -f flush /sbin/natd -interface rl0 ipfw add 999 divert natd all from any to any via rl0 ipfw add pipe 1 ip from any to any in recv rl1 ipfw add pipe 2 ip from any to any out xmit rl1 ipfw pipe 1 config mask src-ip 0xffffffff bw 1024kbits/s ipfw pipe 2 config mask dst-ip 0xffffffff bw 1024kbits/s rl0 - outside rl1 - inside and I have this is my sysctl.conf net.inet.ip.fw.one_pass=0 net.inet.ip.dummynet.hash_size=512 net.inet.ip.dummynet.max_chain_len=64 This seems to work great for limiting each user to a max of 1 meg up and down. What I want to know is how do I do the same thing but shape the users to have EQUAL bandwidth in times of load. What I mean is this: Each unique IP address on the inside (192.168.1.x/22) is limited to a max of 1 meg. If there is a hugh load that exceeds my internet bandwidth (2 T1's - so 3 megs) I would like each users to get the same amount of bandwidth - 30 users all getting 100k. I would like it to adjust based on the load. I have looked at the docs and example but I am a bit confused. Also we need to be careful not to shape the BSD box itself - I have seen some rules that screw things up because they shape the shaping box!! Thanks All!