Re: Using ipfw pipes for bandwidth management - can it allow for "bursting"?

From: Adam Nealis (
Date: 09/27/01

Date: Thu, 27 Sep 2001 16:43:36 +0100 (BST)
From: Adam Nealis <>
To: Krzysztof Stryjek <>

Hi Krzysztof,

 --- Krzysztof Stryjek <> wrote:
> On Wed, 26 Sep 2001, [iso-8859-1] Adam Nealis wrote:
> > and as a FreeBSD fan I'd like to use something that was
> > part of the core OS.
> >
> As it was said, you shod man dummynet, but I'm using bandwidth for
> outgoing ftp (firewall script):
> # Add pipe for FTP transfers (-> world)
> ${fwcmd} add pipe 21 tcp from ${ip} to any out
> ${fwcmd} pipe 21 config mask src-port 21 proto ftp bw 24Kbit/s delay 5ms
> # Allow TCP through if setup succeeded
> ${fwcmd} add pass tcp from any to any established
> where ${ip} is my IP number. As you can see, it *should* be before next
> rule of accepting established connections.
I understand this use of ipfw as a method of bandwidth
control, however my question concerned the use of the
red|gred parameters to allow connections to have
available more than their nominal aggregate bandwidth
for short time spans. Which is what I meant by "bursting".


Do You Yahoo!?
Get your free address at
or your free address at

To Unsubscribe: send mail to
with "unsubscribe freebsd-security" in the body of the message

Relevant Pages

  • Re: sharing connection
    ... "points" that TCP throttles really have no purpose. ... you have more connections than your bandwidth can support easily. ... You seem to ignore the fact that every network that has less bandwidth ...
  • Re: top for tcpdump
    ... I have someone consuming a lot of bandwidth but with so many tcp ... connections, I'm not sure who it is. ...