Re: Using ipfw pipes for bandwidth management - can it allow for "bursting"?

From: Adam Nealis (adamnealis@yahoo.co.uk)
Date: 09/27/01


Date: Thu, 27 Sep 2001 16:43:36 +0100 (BST)
From: Adam Nealis <adamnealis@yahoo.co.uk>
To: Krzysztof Stryjek <wtp@agsmedia.pl>

Hi Krzysztof,

 --- Krzysztof Stryjek <wtp@agsmedia.pl> wrote:
> On Wed, 26 Sep 2001, [iso-8859-1] Adam Nealis wrote:
> > and as a FreeBSD fan I'd like to use something that was
> > part of the core OS.
> >
> As it was said, you shod man dummynet, but I'm using bandwidth for
> outgoing ftp (firewall script):
>
> # Add pipe for FTP transfers (-> world)
> ${fwcmd} add pipe 21 tcp from ${ip} to any out
> ${fwcmd} pipe 21 config mask src-port 21 proto ftp bw 24Kbit/s delay 5ms
>
> # Allow TCP through if setup succeeded
> ${fwcmd} add pass tcp from any to any established
>
> where ${ip} is my IP number. As you can see, it *should* be before next
> rule of accepting established connections.
I understand this use of ipfw as a method of bandwidth
control, however my question concerned the use of the
red|gred parameters to allow connections to have
available more than their nominal aggregate bandwidth
for short time spans. Which is what I meant by "bursting".

Cheers,
Adam.

____________________________________________________________
Do You Yahoo!?
Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk
or your free @yahoo.ie address at http://mail.yahoo.ie

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message