Shaping a lot of users...
Sean Hafeez
sahafeez at edgefocus.com
Thu Oct 23 11:45:50 PDT 2003
I am using the following:
ipfw -f flush
/sbin/natd -interface rl0
ipfw add 999 divert natd all from any to any via rl0
ipfw add pipe 1 ip from any to any in recv rl1
ipfw add pipe 2 ip from any to any out xmit rl1
ipfw pipe 1 config mask src-ip 0xffffffff bw 1024kbits/s
ipfw pipe 2 config mask dst-ip 0xffffffff bw 1024kbits/s
rl0 - outside
rl1 - inside
and I have this is my sysctl.conf
net.inet.ip.fw.one_pass=0
net.inet.ip.dummynet.hash_size=512
net.inet.ip.dummynet.max_chain_len=64
This seems to work great for limiting each user to a max of 1 meg up
and down.
What I want to know is how do I do the same thing but shape the users
to have EQUAL bandwidth in times of load. What I mean is this:
Each unique IP address on the inside (192.168.1.x/22) is limited to a
max of 1 meg. If there is a hugh load that exceeds my internet
bandwidth (2 T1's - so 3 megs) I would like each users to get the same
amount of bandwidth - 30 users all getting 100k. I would like it to
adjust based on the load.
I have looked at the docs and example but I am a bit confused.
Also we need to be careful not to shape the BSD box itself - I have
seen some rules that screw things up because they shape the shaping
box!!
Thanks All!
More information about the freebsd-ipfw
mailing list