Date: Mon, 13 Aug 2007 10:05:15 -0400 From: Chris Marlatt <cmarlatt@rxsec.com> To: dian@spin.net.id Cc: freebsd-pf@freebsd.org Subject: Re: Using PF + ALTQ in FreeBSD 6.2 Message-ID: <46C0651B.5030800@rxsec.com> In-Reply-To: <46C063DD.50008@spin.net.id> References: <46BFD392.2020804@spin.net.id> <20070813043049.GA32692@verio.net> <46C0562A.8060201@rxsec.com> <46C063DD.50008@spin.net.id>
next in thread | previous in thread | raw e-mail | index | archive | help
Dian Candra wrote: > Yes, it's work with Dummynet well, cause I'm using dummynet for some > years. The problem is, with dummynet I could not do "borrow" bandwidth > from the parent. > So, I should move to ALTQ+PF, but unfortunately I'm facing a problem > with it. > Please give me some comment, If I use ALTQ+PF in my router, it's really > could not limit incoming and outgoing traffic from/to my client ? > Does no one have a bettter experience ? > > regards, > > Dian > I haven't had time to test this idea yet, maybe someone else can shed some light on this, but seeing as ALTQ can only queue outbound traffic, have you thought about queuing on both your external and internal interfaces? Simply changing perspective of the rules? This is dependent upon pf/ALTQ actually taking two "altq" statements in the pf.conf which I'm not certain it can do. It doesn't complain about the syntax but like I said before, I haven't tested this yet. You could also try to use a combination of pf and ipfw. I used such an implementation when I needed to do per ip bw limits and needed more queues than ALTQ would support. ipfw's "mask src-ip" and "mask dst-ip" work nicely for this. Best of luck in finding a functional solution. Regards, Chris
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?46C0651B.5030800>