Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 14 Apr 2002 22:11:05 -0700
From:      Luigi Rizzo <rizzo@icir.org>
To:        Mihail Balikov <misho@interbgc.com>
Cc:        freebsd-ipfw@FreeBSD.ORG
Subject:   Re: dummynet and ip.fw.one_pass
Message-ID:  <20020414221105.B21946@iguana.icir.org>
In-Reply-To: <003401c1e419$70e73340$eee209d9@interbgc.com>
References:  <003401c1e419$70e73340$eee209d9@interbgc.com>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
the code seems correct, but I would do the shaping in the opposite
order so that a single host won't be able to monopolise the 1Mbit
that you allow for the network.

Secondly, this seems to be a good use for fair queueing, where
you want equal sharing of the 1Mbit/s bandwidth:

	ipfw pipe 1 config bw 1Mbit/s
	ipfw queue 2 config pipe 1 weight 1 mask dst-ip 0x000000ff

	ipfw add queue 2 ip from any to 1.2.3.0/24

(you do not need fw_one_pass=0 in this case)

	cheers
	luigi

On Mon, Apr 15, 2002 at 04:04:06AM +0300, Mihail Balikov wrote:
> Hi,
> 
> is it correct to use such configuration : 
> 
> sysctl -w net.inet.ip.fw.one_pass=0
> 
>   # process only outgoing packets
> ipfw add 10 allow all from any to any in
>   # shape whole network to 1Mb/s
> ipfw add 15 pipe 15 all from any to 1.2.3.0/24
> ipfw pipe 15 config bw 1Mbit/s
>   # shape every host to 64Kb/s
> ipfw add 20 pipe 20 all from any to 1.2.3.0/24
> ipfw pipe 20 config mask dst-ip 0x000000ff bw 64Kbit/s
>   # transmit packet
> ipfw add 30 allow all from any to any
> 
> regards,
> Mihail
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-ipfw" in the body of the message

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message




Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?20020414221105.B21946>