Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 22 Jan 2004 15:12:49 +1030
From:      "Daniel O'Connor" <doconnor@gsoft.com.au>
To:        Ganbold <ganbold@micom.mng.net>, freebsd-ipfw@freebsd.org
Cc:        freebsd-hackers@freebsd.org
Subject:   Re: Bandwidth limiting for eMule ports
Message-ID:  <200401221512.49260.doconnor@gsoft.com.au>
In-Reply-To: <6.0.1.1.2.20040122120552.0293bd20@202.179.0.80>
References:  <6.0.1.1.2.20040122120552.0293bd20@202.179.0.80>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
On Thursday 22 January 2004 14:49, Ganbold wrote:
> Am I doing right? For what NIC should I implement filtering, outside or
> inside interface?
> When I see MRTG graphs for ipfw it still shows bandwidth more than it
> supposed to:(

A few points..
- The nic is not really relevant except as a way of selecting packets more 
  accurately.
- Incoming packets (from the outside world to you) are more difficult to limit 
  because the other end sends them and the gateway can only do the limiting 
  after they are already received. That said it DOES work but it tends to lag 
  behind reality a little.

I use dummynet to limit TCP traffic when playing games and I use the following 
rules..

ipfw pipe 1 config bw 1kbyte/sec queue 10kbytes
ipfw pipe 2 config bw 5kbyte/sec queue 10kbytes
...
ipfw add 01900 pipe 1 tcp from any to any out xmit tun0
ipfw add 02000 pipe 2 tcp from any to any in recv tun0
...

ie I limit incoming(downloads) to 5k/sec and outgoing(uploads) to 1k/sec.
I use in/out because I only want to limit packets across my tun0 (PPPoE) 
interface.

Hope that helps.

-- 
Daniel O'Connor software and network engineer
for Genesis Software - http://www.gsoft.com.au
"The nice thing about standards is that there
are so many of them to choose from."
  -- Andrew Tanenbaum
GPG Fingerprint - 9A8C 569F 685A D928 5140  AE4B 319B 41F4 5D17 FDD5



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?200401221512.49260.doconnor>