Date: Wed, 03 Nov 2004 16:10:08 -0500 From: Bob Ababurko <bob@phreakout.net> To: freebsd-ipfw@freebsd.org Subject: Re: assistance dummynet config Message-ID: <6.0.3.0.0.20041103152300.02238ec0@dreadlock.phreakout.net> In-Reply-To: <6.0.3.0.0.20041101123154.02265a08@mail.dc2.adelphia.net> References: <6.0.3.0.0.20041101123154.02265a08@mail.dc2.adelphia.net>
next in thread | previous in thread | raw e-mail | index | archive | help
At 12:58 PM 11/1/2004, you wrote: >Hello all- > >WHat I am trying to accomplish with this dummynet config is give priority >to udp traffic, namely dns and tcp ack's so that I can send mail to our >clients announcement list, as fast and efficient as possible without >congestion. So basically, I need this machine to ba able to make dns >lookups with out a problem and I need the acks to get back to my machine >so that the SMTP conversation can take place with out latency. I am not >sure if I have taken all that I need into consideration, but for now I >could use some constructive criticism in terms of making it better. > >Using FreeBSD 5.2.1, I have: > >/etc/sysctl.conf : >net.inet.ip.fw.one_pass=0 > >/etc/rc.conf : >firewall_enable="YES" >firewall_script="/etc/rc.dummynet" >firewall_type="open" >firewall_logging="YES" > > >/etc/rc.dummynet : >ipfw -f flush >ipfw pipe 1 config bw 300kbits/s >ipfw queue 1 config pipe 1 weight 100 >ipfw queue 2 config pipe 1 weight 1 mask all >ipfw add 100 queue 1 udp from any to any out via fxp0 >ipfw add 101 skipto 1000 udp from any to any out via fxp0 >ipfw add 110 queue 1 tcp from any to any out via fxp0 tcpflags ack >ipfw add 111 skipto 1000 tcp from any to any out via fxp0 tcpflags ack >ipfw add queue 2 ip from any to any out via fxp0 >ipfw add 1000 allow all from any to any > > >Can I make this better or am I even on the right road?? Thanks in advance >for your help. > >Regards, >Bob > >_______________________________________________ >freebsd-ipfw@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw >To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org" I find myself responding to my own post....I noted in my initial post that I am using the dummynet on a machine that is sending mail, I am not sure that I need to let it be known, but I am not a spammer and the announcement list is a newsletter for an opt-in list. We do hosting , but we just took on a client that has a newsletter and when it is deploying, the machine that it is on, is totally worthless to the rest of us at the shop. I am wondering why I am not getting any responses from the list and hope that this is the reason and it is not because people do not care, or do not bother to get the list. I am also wondering if there is a way to do any limiting based on alias addresses. I am thinking about putting the DNS, which is the service that we at the office are not able to access while the mail is being sent out on the machine. Is there a way to designate a virtual interface in the dummynet config. I came from a Solaris background and the virtual interface were addressed as hme0:1. I know that FreeBSD does not use this notation, but is there a way to make rules for additional virtual interface or aliases? Thanks for the help in advance? I hope. peace, Bob
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6.0.3.0.0.20041103152300.02238ec0>