Hi!
I've already posted this on the freebsd-questions mailing list, but I thought I could try it here too.
I'm using FreeBSD 7.0 with IPFW DUMMYNET enabled.
I've got a problem with creating a ruleset, which allows me to limit the overall bandwidth of a link and afterwards pass the packets to another pipe for processing.
So far I've got those rules:
Code:
in_if="em0"
out_if="em1"
management_if="em2"
in_ip="100.100.100.1"
out_ip="200.200.200.1"
management_ip="172.16.0.201"
client1_subnet="192.168.5.0/26"
client2_subnet="192.168.6.0/26"
server_subnet="192.168.7.0/24"
download_bandwidth="6144Kbit/s"
upload_bandwidth="1024Kbit/s"
delay="0"
queue_size="10"
cmd="ipfw"
$cmd add 10 allow all from any to any via lo0
$cmd pipe 100 config mask src-ip 0xffffffff bw $upload_bandwidth queue $queue_size delay $delay
$cmd pipe 200 config mask dst-ip 0xffffffff bw $download_bandwidth queue $queue_size
$cmd add pipe 100 all from $client1_subnet to $server_subnet in via $in_if
$cmd add pipe 200 all from $server_subnet to $client1_subnet out via $in_if
$cmd add pipe 100 all from $client2_subnet to $server_subnet in via $in_if
$cmd add pipe 200 all from $server_subnet to $client2_subnet out via $in_if
$cmd add 10000 allow all from any to any via $management_if
$cmd add 20000 allow all from any to any via $in_if
$cmd add 30000 allow all from any to any via $out_if
What I want to add now, is the possibility to limit the bandwidth of the whole link, e.g. 100Mbit/s on em0.
I've tried to add a pipe:
$cmd pipe 50 config bw 100Mbit/s queue $queue_size
$cmd add pipe 50 all from any to any via $in_if
But when I have a look at the pipes with 'ipfw show' I can only see packets go through pipe 50 and nothing goes through the other pipes (which makes sense actually since IPFW works that way?).
Any help is much appreciated.
xenator
More UNIX and Linux Forum Topics You Might Find Helpful
01-22-2009
Linear Mode
