Re: Using ipfw pipes for bandwidth management - can it allow for "bursting"?

From: Adam Nealis (
Date: 09/27/01

Date: Thu, 27 Sep 2001 16:43:36 +0100 (BST)
From: Adam Nealis <>
To: Krzysztof Stryjek <>

Hi Krzysztof,

 --- Krzysztof Stryjek <> wrote:
> On Wed, 26 Sep 2001, [iso-8859-1] Adam Nealis wrote:
> > and as a FreeBSD fan I'd like to use something that was
> > part of the core OS.
> >
> As it was said, you shod man dummynet, but I'm using bandwidth for
> outgoing ftp (firewall script):
> # Add pipe for FTP transfers (-> world)
> ${fwcmd} add pipe 21 tcp from ${ip} to any out
> ${fwcmd} pipe 21 config mask src-port 21 proto ftp bw 24Kbit/s delay 5ms
> # Allow TCP through if setup succeeded
> ${fwcmd} add pass tcp from any to any established
> where ${ip} is my IP number. As you can see, it *should* be before next
> rule of accepting established connections.
I understand this use of ipfw as a method of bandwidth
control, however my question concerned the use of the
red|gred parameters to allow connections to have
available more than their nominal aggregate bandwidth
for short time spans. Which is what I meant by "bursting".


Do You Yahoo!?
Get your free address at
or your free address at

To Unsubscribe: send mail to
with "unsubscribe freebsd-security" in the body of the message