Date: Mon, 7 Jan 2013 10:14:39 +0100 From: Luigi Rizzo <rizzo@iet.unipi.it> To: Sami Halabi <sodynet1@gmail.com> Cc: freebsd-ipfw <freebsd-ipfw@freebsd.org> Subject: Re: Limit Session Bandwidth Message-ID: <20130107091439.GA15263@onelab2.iet.unipi.it> In-Reply-To: <CAEW%2Bogaz0FbYatSA3FkNhTmyV9tt4xxzNRqb4Vnm80dvhiBUbg@mail.gmail.com> References: <CAEW%2BogbGVYLiuPesyR5qTcjhMVFvbzU-yYX8CRbJ_Hs3C6RpMQ@mail.gmail.com> <20130103082937.GB54360@onelab2.iet.unipi.it> <CAAcX-AFC9zBdGax71OM_YGqtczyYB_G2GUMbVymEsRHB8rYzxQ@mail.gmail.com> <CAEW%2BogbMZ7vmO0Jp%2BBHO4NmfDbbGHZai09RwG9aE1bQ_jwHswg@mail.gmail.com> <20130105233743.GA94797@onelab2.iet.unipi.it> <CAEW%2Bogaz0FbYatSA3FkNhTmyV9tt4xxzNRqb4Vnm80dvhiBUbg@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jan 07, 2013 at 08:59:46AM +0200, Sami Halabi wrote: > Hi, > Thank you for the help. > > sysctl net.inet.ip.fw.one_pass=0 > introduces some issues to my configuration limits in my current > configuration, because limits aren't applied correctly since we continue > after the pipe, eg: > i had: > 1900 pipe 1000 all from x.y.z.1 to any > 2000 pipe 1001 all from any to x.y.z.1 > 2100 pipe 2000 all from x.y.z.0/24 to any > 2100 pipe 2001 all from any to x.y.z.0/24 > . > . > more pipes > . > .. > 6500 allow all from any to any > > so the I had special limit(large) for x.y.z.1 IP but another limit in the > whole /24 that i didn't want it to affect. > any ideas how to solve it? i thought about skipto but I'm not sure how to > use. > Sami one_pass = 0 essentially requires an accept rule after each pipe to behave similarly to the other case. How to do it depends on the configuration. Probably it would be good to make "one_pass" a per-pipe option. cheers luigi > On Sun, Jan 6, 2013 at 1:37 AM, Luigi Rizzo <rizzo@iet.unipi.it> wrote: > > > On Sat, Jan 05, 2013 at 02:51:07PM +0200, Sami Halabi wrote: > > > Hi Luigi & Ozkan, > > > > > > Thanks for the response. > > > > > > Luigi i saw you said in some list never trust italians :), so i went step > > > by step. > > > first i put: > > > me out from a pipe > > > > > > sysctl net.inet.ip.fw.one_pass=0 > > > ipfw pipe 123 config bw 1Mbit/s mask all > > > ipfw add 100 pipe 123 out > > > > > > ipfw add 120 allow ip from any to any > > > > > > Works like a charm. > > > > > > Next Step wil be: > > > ipfw pipe 456 config bw 10Mbit/s > > > > > > ipfw sched 789 config mask all pipe 123 > > > or it should be: > > > ipfw sched 789 config mask all pipe 456 > > > > the latter. > > > > > ipfw add 110 queue 789 out > > > > > > > > > whats is the correct configuration ? > > > > > > the mask options isn't well documented, in the handbook its not even > > > mentiond. > > > > the manpage is slightly more up to date. > > The handbook is probably years behind. > > > > cheers > > luigi > > > > > same goes for scheduler... > > > I got the feeling that only few here know the options very welll... maybe > > > I'm wrong? > > > > > > Sami > > > > > > > > > > > > On Thu, Jan 3, 2013 at 12:46 PM, ?zkan KIRIK <ozkan.kirik@gmail.com> > > wrote: > > > > > > > I think there is a mistake at the sched config line. it should be as > > > > ipfw sched 789 config mask all pipe 456 > > > > > > > > > > > > On Thu, Jan 3, 2013 at 10:29 AM, Luigi Rizzo <rizzo@iet.unipi.it> > > wrote: > > > > > > > >> ipfw sched 789 config mask all pipe 123 > > > > > > > > > > > > > > > > > > > > > -- > > > Sami Halabi > > > Information Systems Engineer > > > NMS Projects Expert > > > FreeBSD SysAdmin Expert > > > > > > -- > Sami Halabi > Information Systems Engineer > NMS Projects Expert > FreeBSD SysAdmin Expert
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130107091439.GA15263>