Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 23 Feb 2002 04:06:13 -0700 (MST)
From:      FreeBSD user <>
To:        Sean Chittenden <>
Cc:        Michael Sierchio <>, Luigi Rizzo <>, <freebsd-ipfw@FreeBSD.ORG>
Subject:   Re: ipfw, dummynet, weights, and ssh?
Message-ID:  <>
In-Reply-To: <20020222180001.A24470@ninja1.internal>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
I don't understand how this is a bandwidth reservation issue. I simply
want ssh packets to receive priority over all other packets. Does this
mean I have to specifically set aside say, some amount of bandwidth even
if there are no ssh connects at the time? I don't understand the issue, I
guess, of what's involved in giving priority to ssh packets. Is it indeed
a bandwidth reservation issue, or is there no such thing as priority when
dealing with packets leaving and entering an interface? Btw. I'm on a
RADSL that's dynamic, so I have no idea at any given moment in time how
much bandwidth I've got from QWest. From their rep, they said anywhere
from 128kb to 1.2mb. Dunno if that's true or not, but I don't know if I
can simply say to ipfw, "I've got a 128kb pipe, set aside 5kb at all times
for ssh packets"

Do I have to specify a bandwidth?

From reading dummynet(4), it's refering to a queue with pipes. I don't
know the exact workings of dummynet, but from what I remember of my
datastructured class on queues, can't ssh packets entering a queue be
moved to the head of the line before other packets currently in the queue?
So say, I specify one pipe that all packets have to go through. And
when a ssh packet enters the pipe and it gets pulled out of order and
moved immediately to the head of the queue/pipe?

Just tossing thoughts around.. Please don't take my idle thoughts as
anything but that. I guess I can try reading the ipfw/dummynet sources,
but with my diminuitive programming background, I think I'd have better
luck deciphering Bush's budget plans.

On Fri, 22 Feb 2002, Sean Chittenden wrote:

> > > If you're trying to do rate-shapping, you might want to check out
> > > dummynet(4).  That man page helped me the most in setting up
> > > rate-shapping.  -sc
> >
> > Care to share examples?  For example, is bandwidth reservation
> > possible (which is what the question seemed to be), or is this
> > achieved indirectly through bandwidth limiting of other traffic?
> From dummynet(4):
> ipfw pipe 1 config bw 1Mbit/s
> ipfw add pipe 1 ip from A to B out
> ipfw add pipe 1 ip from B to A in
> where A can be one of the following (from ipfw(8)):
>              ipno       An IP number of the form  Only this exact IP
>                         number will match the rule.
>              ipno/bits  An IP number with a mask width of the form
>                         In this case all IP numbers from to
>                         will match.
>              ipno:mask  An IP number with a mask of the form
>                 In this case all IP numbers
>                         from to will match.
> You can also add ports to that in the same way you would make a normal
> filewall rule.  -sc
> --
> Sean Chittenden

To Unsubscribe: send mail to
with "unsubscribe freebsd-ipfw" in the body of the message

Want to link to this message? Use this URL: <>