10-16-2001
Traffic Shaping
I'm using FreeBSD because I like how easy the system can be set up, how software can be installed/removed and ... many other reasons:-) But there is a thing I don't know how to deal with: I have few connections behind a machine [FreeBSD acting as router and firewall] and I want to give to the machines behind a minimum guaranteed transfer rate and when available all the bandwidth of my internet connection [or a percentage of it]. A command like "ipfw add pipe 1 tcp from any to [host] via [interface_name] && ipfw pipe 1 config bw 512kbit/s" is not satistfactory because i can set only the upper limit which the specified host can reach, but can't tell nothing about a minimum guaranteed rate. Anyone can help me?
9 More Discussions You Might Find Interesting
1. HP-UX
hi, there,
are there any ways to monitor the NIC traffic on HP-UX, tools or system call? thanks. (2 Replies)
Discussion started by: Frank2004
2 Replies
2. Solaris
i have 3 servers running at home. i always connect to these servers from a windows box via ssh. recently i was snooping my interface on my database server and saw a lot of ssh traffic. this is a few lines of the snoop:
deathstar -> xstar TCP D=22 S=3190 Ack=662538517 Seq=1676539194... (2 Replies)
Discussion started by: pupp
2 Replies
3. IP Networking
What exactly is the difference between ingress and egress in traffic shaping, what does it mean when we say that imq provies ingress shaping using egress qdisks? (3 Replies)
Discussion started by: Maksim
3 Replies
4. IP Networking
Not sure if this considered traffic shaping or not, so I'll appreciate the enlightenment...
Setup- Mac Pro, Mac OS X 10.5.6, Crashplan Pro Backup server.
the Mac Pro has 2 E-net ports, en0, en1.
Both E-net ports are connected to the same network, different IP's.
Problem-
We are planning to... (1 Reply)
Discussion started by: pbenware
1 Replies
5. Linux
Hello All
I have the following setup of a network. Client machines sends requests to the server which is (192.168.1.50) running on Ubuntu server 8.04. And this server forwards all incoming traffic from clients to another server (192.168.1.100) when it's available. The availability is checked... (0 Replies)
Discussion started by: Anuradhai4i
0 Replies
6. IP Networking
Hi,
I've been looking for a few hours now, reading various docs and man pages, but the info I found so far is either not what I was looking for or I just don't get how to do the thing I need....
So, my "problems" is that I have a server running on a specific port and I need to shape traffic... (2 Replies)
Discussion started by: Zamba
2 Replies
7. IP Networking
hello,
I have a postfix & a local dns running on a single server.
this server is connected to internet via a low bandwidth line(with fixed ip).
we also have another high speed adsl (dynamic ip).
i want to divert all dns request from the local dns & postfix
from the server to the adsl... (0 Replies)
Discussion started by: coolatt
0 Replies
8. Cybersecurity
Hi All,
I have just started learning Lunix; I hope you can help me to block unwanted DNS traffic.
I have big spikes of traffic few times a day. The duration is from few minutes to two hours.
Incoming traffic is 1 mbps, outgoing is 3mbps
Using my friend's script I was able to get some... (1 Reply)
Discussion started by: OlegE
1 Replies
9. IP Networking
So I want to limit the download and upload speed of a specific ip adress in a local network. To do this I are using a bach script running in a linux OS (Ubuntu 11.04). The issue here is that the upload shaper does not work. I have tried an alternate solution aswell though that does not work as... (0 Replies)
Discussion started by: martio09
0 Replies
LEARN ABOUT MOJAVE
ipfirewall
IPFW(4) BSD Kernel Interfaces Manual IPFW(4)
NAME
ipfw -- IP packet filter and traffic accounting
SYNOPSIS
To compile ipfw into the kernel, place the following option in the kernel configuration file:
options IPFIREWALL
Other kernel options related to ipfw which may also be useful are:
options IPFIREWALL_DEFAULT_TO_ACCEPT
options IPFIREWALL_FORWARD
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=100
To load ipfw as a module at boot time, add the following line into the loader.conf(5) file:
ipfw_load="YES"
DESCRIPTION
The ipfw system facility allows filtering, redirecting, and other operations on IP packets travelling through network interfaces.
The default behavior of ipfw is to block all incoming and outgoing traffic. This behavior can be modified, to allow all traffic through the
ipfw firewall by default, by enabling the IPFIREWALL_DEFAULT_TO_ACCEPT kernel option. This option may be useful when configuring ipfw for
the first time. If the default ipfw behavior is to allow everything, it is easier to cope with firewall-tuning mistakes which may acciden-
tally block all traffic.
To enable logging of packets passing through ipfw, enable the IPFIREWALL_VERBOSE kernel option. The IPFIREWALL_VERBOSE_LIMIT option will
prevent syslogd(8) from flooding system logs or causing local Denial of Service. This option may be set to the number of packets which will
be logged on a per-entry basis before the entry is rate-limited.
Policy routing and transparent forwarding features of ipfw can be enabled by IPFIREWALL_FORWARD kernel option.
The user interface for ipfw is implemented by the ipfw(8) utility, so please refer to the ipfw(8) manpage for a complete description of the
ipfw capabilities and how to use it.
SEE ALSO
setsockopt(2), divert(4), ip(4), ipfw(8), sysctl(8), syslogd(8), pfil(9)
BSD September 1, 2006 BSD