Date: Wed, 2 Apr 2008 15:18:11 -0800 From: "Ted Mittelstaedt" <tedm@toybox.placo.com> To: "Giorgos Keramidas" <keramida@ceid.upatras.gr>, "Wojciech Puchar" <wojtek@wojtek.tensor.gdynia.pl> Cc: freebsd@top-consulting.net, freebsd-questions@freebsd.org Subject: RE: FreeBSD Traffic Shaping Message-ID: <BMEDLGAENEKCJFGODFOCAEJCCFAA.tedm@toybox.placo.com> In-Reply-To: <87iqz0kv6w.fsf@kobe.laptop>
next in thread | previous in thread | raw e-mail | index | archive | help
> -----Original Message----- > From: Giorgos Keramidas [mailto:keramida@ceid.upatras.gr] > Sent: Wednesday, April 02, 2008 9:45 AM > To: Wojciech Puchar > Cc: Ted Mittelstaedt; freebsd@top-consulting.net; > freebsd-questions@freebsd.org > Subject: Re: FreeBSD Traffic Shaping > > > On Wed, 2 Apr 2008 11:30:44 +0200 (CEST), Wojciech Puchar > <wojtek@wojtek.tensor.gdynia.pl> wrote: > >> The vast majority of people out there have asymmetrical bandwidth > >> limiting needs - that is, they have a pipe to the Internet and have a > >> lot more data coming from the Internet to them, than data going from > >> them to the Internet. Their desire is to somehow make it so that > >> certain kinds of incoming data meeting certain criteria are limited. > >> Their problem is that since they don't have control of the end > >> sending the data to them, they can't do this. > > > > but you ROUGHLY can do this with ipfw. > > by limiting at your end - the other end will slow down. > > Unless the sending endpoint just ignores your limited incoming pipe > characteristics and keeps flooding you with DNS or ICMP requests, until > you scream for help. > It's not just that. It's also stuff like kazza, and theres this shareware downloader out there I forget the name of which opens multiple connections to multiple sites, which also will not be limited. Oh and I also forgot online games too, some will ignore the limiters. (it's been my observation, that is) And, things like incoming e-mail spammers, the spam handshakes that their spam networks send are too short, and will come in full-bore. The other problem is that because the limiting works by delaying traffic so that the tcp sliding window is exceeded, if the sender and recipient put up large enough tcp receive windows they should be able to defeat it. This used to be standard advice for windows 2K and under as the registry could be modded to change those parameters. (since the defaults were too small for the Internet) Ted
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BMEDLGAENEKCJFGODFOCAEJCCFAA.tedm>